Design a power point presentation on the physical security requirements for a location of your choice (for example, a commercial property, airport, retail shop, industrial enterprise, financial and go
FEMA Risk Management Series Site and Urban Design for Security Guidance Against Potential Terrorist Attacks FEMA 430 / December 2007 About the Cover The Federal Complex in Chicago, Illinois, consists of three iconic Mies van der Rohe buildings and includes a large Alexander Calder sculpture. Security protection in – volved the design of effective security measures that harmonize with the unique architectural character of the complex. SOURCE: PHOTOS AND DRAWINGS PREPARED FOR US GENERAL SERVICES ADMINISTRATION BY TENG AND ASSOCIATES, CHICAGO Risk ManageMent seRies Site and Urban Design for Security Guidance Against Potential Terrorist Attacks Providing Protection to PeoPle and Buildings FEMA 430 / December 2007 FEMAFEMA Any opinions, findings, conclusions, or recommendations expressed in this publication do not necessarily reflect the views of FEMA. Additionally, neither FEMA nor any of its employees makes any warranty, expressed or implied, or assumes any legal liability for accuracy, completeness, or usefulness of any information, product, or process included in this publication. Users of information from this publication assume all liabilities arising from its use. Foreword and acknowledgments i Foreword and acknowledgments Foreword t he Federal Emergency Management Agency (FEMA) has developed this publication, Site and Urban Design for Security: Guidance against Po – tential Terrorist Attacks, to provide information and design concepts for the protection of buildings and occupants, from site perimeters to t he faces of buildings. The intended audience includes the design commu – nity of architects, landscape architects, engineers and other consultants working for private institutions, building owners and managers and state and local government officials concerned with site planning and design . Immediately after September 11, 2001, extensive site security measures were put in place, particularly in the two target cities of New York and Washington. However, many of these security measures were applied on an ad hoc basis, with little regard for their impacts on development pat – terns and community character. Property owners, government entities and others erected security barriers to limit street access and installe d a wide variety of security devices on sidewalks, buildings, and transporta tion facilities. The short-term impacts of these measures were certainly just i- fied in the immediate aftermath of the events of September 11, 2001, b ut traffic patterns, pedestrian mobility, and the vitality of downtown street life were increasingly jeopardized. Hence, while the main objective of this manual is to reduce physical damage to buildings and related infra- structure through site design, the purpose of FEMA 430 is also to ensure that security design provides careful attention to urban design values b y maintaining or even enhancing the site amenities and aesthetic quality i n urban and semi-urban areas. This publication, FEMA 430, is one of a series that addresses security is- sues in high-population private-sector buildings. It is a companion to the Reference Manual to Mitigate Potential Terrorist Attacks Against Buildings (FEMA 426), which provides an understanding of the assessment of threats, hazards, vulnerability, and risk, and the design methods needed to improve protection of new and existing buildings and the people occu-pying them. Chapter 2 of FEMA 426 provides guidance on site layout and design and discusses architectural and engineering design considerations for risk mitigation, starting at the property line, including the orient ation and placement of buildings on the site. This publication represents an e x- pansion of Chapter 2 and focuses in more detail on information useful to the site security design team. Foreword and acknowledgments ii In addition, this publication expands on Instruction Unit IX, “Site a nd Layout Design Guidance,” in the Building Design for Homeland Security Training Course (FEMA E155) and also summarizes some of the concepts in Risk Assessment: A How-To Guide to Mitigate Potential Terrorist Attacks Against Buildings (FEMA 452). Some of the technical information on de- sign against blast contained in the Primer for Design of Commercial Buildings to Mitigate Terrorist Attacks (FEMA 427) is also summarized. These publica- tions are part of the FEMA Risk Management Series (RMS). See Chapter 1 for more details regarding the RMS publications. The primary use of the concepts in this publication is for building sites, al- though some of the design measures discussed could be adapted for other types of site development. The information and recommendations con- tained in this document are: m Not mandatory m Applicable primarily to high-risk sites m May not apply when they conflict with other hazards such as fire This publication has been developed in collaboration with the the New York City Police Department (NYPD) and National Capital Planning Commission (NCPC). These organizations provided FEMA with informa- tion, graphics, photographs, and advice. oBJectIVes and scoPe The objectives of this publication are to provide site design team mem- bers with information necessary to gain an understanding of the following topics: m The FEMA risk assessment process for site design and building protection m Explosive forces and stand-off m A general understanding of strategies for protection that can be provided by site planning and design against vehicle-borne explosive attack m Current design approaches for providing perimeter protection m Current approaches to urban, semi-urban, and suburban site security design m Examples of site design that provide security while at the same time preserving or enhancing site amenity and use Foreword and acknowledgments iii This publication focuses on site design aimed to protect buildings from at – tackers using vehicles carrying explosives. These represent the most serious form of attack. Large trucks enable terrorists to carry very large amounts of explosives that are capable of causing casualties and destruction ove r a range of many hundreds of yards. Perimeter barriers and protective de – sign within the site can greatly reduce the possibility of vehicle penet ration. Introduction of smaller explosive devices, carried in suitcases or backp acks, must be prevented by pedestrian screening methods. Site design for security, however, may impact the function and amenity of the site, and barrier and access control design may impact the quality o f the public space within the adjacent neighborhood and community. The designer’s role is to ensure that public amenity and the aesthetics of the site surroundings are kept in balance with security needs. This publication contains a number of examples in which the security/ amenity balance has been maintained through careful design and collabo- ration between designers and security experts. Much security design work since September 11, 2001, has been applied to federal and state projects , and these provide many of the design examples shown. At present, fed- eral government projects are subject to mandatory security guidelines that do not apply to private sector projects, but these guidelines provi de a valuable information resource in the absence of comparable guidelines or regulations applying to private development. Operations and management issues and the detailed design of access control, intrusion alarm systems, electronic perimeter protection, and physical security devices, such as locking devices, are the province of the security consultant and are not covered here, except as they may impact the conceptual design of the site. Limited information only is provided on some aspects of chemical, biological and radiological (CBR) attacks th at are significant for site designers; extensive discussion of approaches to these threats can be found in FEMA 426. organIZatIon and contents This publication can be supplemented as needed with more extensive technical resources, and references are provided both in the text and i n Appendix B. Chapter 1 discusses some basic design issues for site-related elements. It begins by noting the evolution of site security design from the medieval castle to today’s measures, and leads to a discussion of the impact of se- curity needs on site amenity and function. It describes current programs , strategies, and publications devoted to site protection, and follows wit h Foreword and acknowledgments iv short summaries of selected terrorist attacks on buildings throughout th e world that provide specific lessons learned. A set of governing princi ples is followed by a discussion of the need for the integration of site secu rity design with more familiar issues of site planning and design. Chapter 2 outlines the basics of the FEMA risk assessment process, the first steps in determining the necessary measures to be designed and imple- mented. The chapter first discusses the determination of “acceptabl e risk’ and follows by outlining a five-step process that culminates in the se lec- tion of risk mitigation options. An explanation of explosive forces leads to a discussion of the importance of stand-off distance. Finally, strategies for the cost management of site security are outlined. The current absence of mandatory codes dealing with physical security is noted, leading to the need for a performance-based approach to security design. Chapter 3 emphasizes that site security designers should look beyond the project boundaries to seek to incorporate community resources and create design in harmony with the community values. The chapter begins by a discussion of the layers of defense concept, which structures the g en- eral approach to site security design. This is followed by a listing of the key elements of security protection that are developed in detail in late r chapters. A discussion of the community context within which security de – sign must be implemented looks at four main issues: designing in tune with the community context, respecting existing conditions, working with stakeholders, and the impact of regulatory requirements. Examples of site design are shown that illustrate the issues discussed in the text. Chapter 4 discusses a major element of security design — that of providing a secure perimeter defense for the site. This discussion is in two parts. First, general issues of barrier system design are described, with emphasis on striking a balance between security needs and the preservation of the ame – nity and day-to-day functions of the site. This section ends with a description of the present barrier crash test standards. This leads to the second and major part of the chapter that describes and illustrates the various typ es of passive and active barriers that are currently available and in use. Chapter 5 discusses the security design of open sites that incorporate a perimeter barrier and a vehicular approach to the building assets and on – site parking. This is the clearest expression of the three layers of defense model, which may take the form of a site for a single building or a camp us type with a number of buildings that are widely dispersed. The site with in the barrier forms a controlled access zone in which the design of the en try control points is critical. Within this zone, major design tasks include building placement (for new projects), orientation, sight lines, gradi ng, and drainage. Other design issues include signage, parking, loading docks and service areas, physical security lighting, site utilities, and landscaping. Foreword and acknowledgments v Chapter 6 discusses the special case of security design in the central busi- ness district in which space for stand-off distance may be severely limi ted or non-existent. Three generic site types are typical: buildings with zero setback and alleys, buildings with yards, and buildings with plazas in which a larger public open space is provided on the site by the develope r. Layers of defense for these sites are very compressed but still exist. Appendix A provides a short outline of the origins and application of “Crime Prevention through Environmental Design” (CPTED) procedures that are currently used by a number of communities in the United States to assist in reducing everyday crime. Appendix B provides a number of references, publications, and web pages that are useful in augmenting the information provided in the text. Appendix C provides a list of abbreviations and acronyms that are used in this document. acknowledgments This publication has been produced by the Earthquake Engineering Research Institute (EERI) of Oakland, California, under a grant from FEMA/DHS. Principal Authors: Christopher Arnold, FAIA, RIBA, Building Systems Development, Inc., Palo Alto, California Mary Ann Lasch, FASLA, Gensler Architects, Washington, D.C. Project Team: Milagros Kennett, Project Officer, Risk Management Series (RMS) Publications, FEMA/ Department of Homeland Security, Washington, D.C. Susan Tubbesing, Executive Director, Project Director, Earthquake Engineering Research Institute, Oakland, California Marjorie Greene, Special Projects Manager, Project Coordinator, Earthquake Engineering Research Institute, Oakland, California Eloise Gilland, Earthquake Engineering Research Institute, Copy Editor, Oakland, California Tony Alexander, Graphics Consultant, Graphics, Palo Alto, California Wanda Rizer, design4impact, Publication Design and Graphics, Abbottstown, Pennsylvania Foreword and acknowledgments vi Contributors: National Capital Planning Commission, Washington, D.C. Randall Atlas, AIA, CPP, Atlas Safety and Security Design, Miami, Florida Heather Modzelewski, ASLA, Gensler Architects, Washington, D.C. External Review Panel: Counterterrorism Division, New York City Police Department, New York City, New York Amar Chaker, Ph.D., American Society of Civil Engineers, Reston, Virginia Dr. Mohammed Ettouney, PE, Weidlinger Associates Inc., New York City, New York Douglas Hall, PSP, Smithsonian Institution, Washington, D.C. Michael Kaminskas, PE, BSCP, Raytheon UTD, Springfield, Virginia Martha Lea, ASLA, LEED AP, EDAW, Inc., Alexandria, Virginia Eric Letvin, PE, Esq., CFM, URS Corporation, Linthicum, Maryland David Levy, RA, AICP, National Capital Planning Commission, Washington, D.C. Elizabeth Miller, ASLA. AICP, National Capital Planning Commission, Washington, D.C. Donald L. Moffett, State Department R&D Program, Bureau of Diplomatic Security, Physical Security Division, Washington, D.C. Christine Saum, AIA, National Capital Planning Commission, Washington, D.C. Lloyd Siegel, AIA, Department of Veterans Affairs, Washington, D.C.Dr. Robert Smilowitz, PE, Weidlinger Associates, New York City, New York John Sullivan, Jr., PE, Portland Cement Association, Washington, D.C. Graeme Waitzkin, Rogers Marvel Architects, LLC, New York City, New York All unattributed photos and graphics are by the authors. TABLE of conTEnTs vii TABLE OF CONTENTS foREWoRD AnD AcknoWLEDgmEnTs ……………………………………………………………. i Background ……………………………………………………………… ………………………………………………. ii Objective and Scope ……………………………………………………………… ………………………………… ii Organization and Contents ……………………………………………………………… …………………….. iii Acknowledgements ……………………………………………………………… …………………………………. v 1.0 BAckgRounD 1.1 Introduction ……………………………………………………………… ……………………………………….. 1-1 1.2 The Evolution of Site Security Design ……………………………………………………………… ………… 1-2 1.2.1 Some Historical Background ……………………………………………………………… …….. 1-2 1.2.2 Contemporary Developments in Building Security …………………………………….. 1-3 1.3 The Impact of Security Needs on Site Amenity …………………………………………………………….. 1-7 1.4 FEMA Publications On Building Security ……………………………………………………………… ……… 1-9 1.5 Building Damage From Terrorist Attack: Examples and Lessons ……………………………………… 1-1 0 1.5.1 Introduction ……………………………………………………………… …………………………… 1-1 0 1.5.2 Selected Examples of Terrorist Attacks on Buildings …………………………………. 1-1 1 1.5.2.1 United States Embassy, Beirut, Lebanon, April 1983 ……………………………………………………………… ……………… 1-1 2 1.5.2.2 Marine Barracks, Beirut, Lebanon, October 1983 ……………………. 1-1 3 1.5.2.3 Baltic Exchange, City of London, April 1992 …………………………… 1-1 5 1.5.2.4 World Trade Center, New York City, February 1993 ………………… 1-1 7 1.5.2.5 Bishopsgate, City of London, April 1993 …………………………………. 1-1 9 1.5.2.6 Murrah Federal Building, Oklahoma City, April 1995 ……………………………………………………………… ……………… 1-2 1 1.5.2.7 Town Center, Manchester, England, June 1996 ……………………….. 1-2 3 TABLE OF CONTENTS viii 1.5.2.8 Khobar Towers, Dhahran, Saudi Arabia, June 1996 ……………………………………………………………… …………. 1-2 6 1.5.2.9 The United States Embassy, Kenya, August 1998 …………………….. 1-2 9 1.5.2.10 U.S Embassy, Dar es Salaam, Tanzania, August 1998 ……………………………………………………………… …………… 1-3 1 1.6 Governing Principles ……………………………………………………………… ………………………….. 1-3 4 1.7 Prescriptive Codes and a Performance-based Decision-making Process ……………………………. 1-3 6 1.8 Conclusion ……………………………………………………………… ………………………………………… 1-3 9 2.0 DEsign consiDERATions 2.1 Introduction ……………………………………………………………… ……………………………………….. 2-1 2.1.1 Acceptable Risk and Levels of Protection ………………………………………………….. 2-3 2.2 The FEMA Risk Assessment Process ……………………………………………………………… ………….. 2-5 2.2.1 Tiers of the Risk Assessment Process ………………………………………………………….. 2-6 2.2.2 The FEMA Risk Assessment Steps ……………………………………………………………… 2-7 2.2.3 Building Core Functions and Infrastructure ……………………………………………. 2-1 1 2.2.4 Building Vulnerability Checklist ……………………………………………………………. 2-1 2 2.2.5 Electronic Database for Risk Assessment and Risk Management ……………………………………………………………… ………………………….. 2-1 3 2.2.6 Ranking ……………………………………………………………… …………………………………. 2-1 3 2.2.7 Preparing the Risk Assessment ……………………………………………………………… … 2-1 6 2.3 Explosive Forces and Stand-off ……………………………………………………………… ……………… 2-1 9 2.3.1 Predicting Blast Effects ……………………………………………………………… ……………. 2-2 0 2.4 The Importance of Stand-off Distance ……………………………………………………………… ……… 2-2 1 2.5 Cost of Protection ……………………………………………………………… ………………………………. 2-2 6 2.6 Conclusion ……………………………………………………………… ………………………………………… 2-3 1 TABLE OF CONTENTS ix 3.0 sEcuRiTY DEsign AnD THE communiTY conTEXT 3.1 Introduction ……………………………………………………………… ……………………………………….. 3-1 3.2 The Three Layers of Defense ……………………………………………………………… ………………….. 3-2 3.2.1 First Layer of Defense ……………………………………………………………… ………………. 3-3 3.2.2 Second Layer of Defense ……………………………………………………………… ………….. 3-5 3.2.3 Third Layer of Defense ……………………………………………………………… …………… 3-6 3.3 Design in Tune with the Community Context ……………………………………………………………… .. 3-8 Case Study 1: The National Capital Urban Design and Security Plan ……………………………………………………………… …………………………… 3-17 Case Study 2: Analysis of Existing Conditions and the Security Design Response ……………………………………………………………… ………… 3-21 3.4 Working with Stakeholders ……………………………………………………………… …………………… 3-2 6 Case Study 3: The Mies van der Rohe Chicago Federal Center …………………… 3-28 3.5 The Impact of Regulatory Requirements ……………………………………………………………… ….. 3-3 2 Case Study 4: Battery Park City Streetscapes Project ………………………………….. 3-35 3.6 Conclusion ……………………………………………………………… ………………………………………… 3-3 8 4.0 PERimETER sEcuRiTY DEsign 4.1 Introduction ……………………………………………………………… ……………………………………….. 4-1 4.2 Barrier System Design ……………………………………………………………… ………………………….. 4-2 4.2.1 Issues of Barrier Systems Design ……………………………………………………………… .. 4-2 Case Study 5: A Major Government Building ……………………………………………… 4-8 4.2.2 Barrier Crash Test Standards ……………………………………………………………… …… 4-1 0 4.2.3 Determining Barrier Design Criteria ……………………………………………………….. 4-1 2 4.3 Barrier Materials And Types ……………………………………………………………… ………………….. 4-1 3 4.3.1 Materials ……………………………………………………………… ………………………………… 4-1 3 4.3.2 Barrier types ……………………………………………………………… …………………………… 4-1 3 TABLE OF CONTENTS x 4.4 Passive Barriers ……………………………………………………………… ………………………………… 4-1 5 4.4.1 Walls, Excavations, Berms, Ditches, and Ha-Ha’s ………………………………………. 4-1 5 4.4.2 Engineered Planters ……………………………………………………………… ……………….. 4-1 9 4.4.3 Fixed Bollards ……………………………………………………………… ………………………… 4-2 2 4.4.4 Heavy Objects and Trees ……………………………………………………………… …………. 4-2 5 4.4.5 Water Obstacles ……………………………………………………………… ………………………. 4-2 9 4.4.6 Jersey Barriers ……………………………………………………………… ………………………… 4-3 0 4.4.7 Fences ……………………………………………………………… ……………………………………. 4-3 1 4.4.8 Reinforced Street Furniture and Fixtures …………………………………………………. 4-3 3 4.5 Active Barriers ……………………………………………………………… ………………………………….. 4-3 8 4.5.1 Retractable Bollards ……………………………………………………………… ………………… 4-3 8 4.5.2 Rising Wedge Barriers ……………………………………………………………… …………….. 4-4 0 4.5.3 Rotating Wedge Systems ……………………………………………………………… ………….. 4-4 2 4.5.4 Drop Arm Crash Beams ……………………………………………………………… …………… 4-4 3 4.5.5 Crash Gates ……………………………………………………………… …………………………….. 4-4 4 4.5.6 Surface-Mounted Rotating Plates …………………………………………………………….. 4-4 4 4.6 Innovative Barrier Systems ……………………………………………………………… …………………… 4-4 5 4.6.1 The NOGO barrier ……………………………………………………………… …………………. 4-4 5 4.6.2 The TigerTrap ……………………………………………………………… ………………………… 4-4 6 4.6.3 The Turntable Vehicle Barrier ……………………………………………………………… …. 4-4 7 4.7 Conclusion ……………………………………………………………… ………………………………………… 4-4 9 5.0 sEcuRiTY DEsign foR THE oPEn siTE 5.1 Introduction ……………………………………………………………… ……………………………………….. 5-1 5.2 Layers of Defense for the Open Site ……………………………………………………………… …………. 5-1 5.3 Access Control Points ……………………………………………………………… ……………………………. 5-5 5.4 Control of Vehicular Approach Speed ……………………………………………………………… …………. 5-6 TABLE OF CONTENTS xi 5.5 Gatehouses and Security Screening ……………………………………………………………… …………… 5-8 5.5.1 Gatehouses ……………………………………………………………… ………………………………. 5-9 5.5.2 Sally Ports ……………………………………………………………… ………………………………. 5-1 1 5.5.3 Screening at Designated Inspection Areas ………………………………………………. 5-1 1 5.6 The Site Design Tasks ……………………………………………………………… …………………………. 5-1 4 5.6.1 Site Evaluation, Grading, and Drainage ……………………………………………………. 5-1 6 5.6.2 Placement of New Buildings ……………………………………………………………… …… 5-1 7 5.6.3 Controlled Access Zones ……………………………………………………………… …………. 5-1 7 5.6.4 Clustered or Dispersed Building Groups ………………………………………………….. 5-1 8 5.6.5 Orientation ……………………………………………………………… …………………………….. 5-1 9 5.6.6 Sight lines ……………………………………………………………… ………………………………. 5-2 0 5.7 Signage ……………………………………………………………… ………………………………………….. 5-2 2 5.8 Parking ……………………………………………………………… ………………………………………….. 5-2 3 5.9 Loading Docks and Service Access ……………………………………………………………… …………… 5-2 6 5.10 Physical Security Lighting ……………………………………………………………… …………………….. 5-2 6 5.11 Chemical, Biological, and Radiological Issues ……………………………………………………………… 5-2 8 5.11.1 Staging Areas for CBR Evacuation …………………………………………………………… 5-2 9 5.12 Infrastructure and Site Utilities ……………………………………………………………… …………….. 5-3 2 5.13 Landscaping – Plant Selection and Design ……………………………………………………………… …. 5-3 4 5.14 Conclusion ……………………………………………………………… ………………………………………… 5-3 8 TABLE OF CONTENTS xii 6.0 sEcuRiTY foR cEnTRAL BusinEss DisTRicTs 6.1 Introduction ……………………………………………………………… ……………………………………….. 6-1 6.2 Layers Of Defense and Urban Site Types ……………………………………………………………… ……. 6-1 6.2.1 Zero Setback Buildings ……………………………………………………………… …………….. 6-4 6.2.2 Alleys ……………………………………………………………… ……………………………………….. 6-9 Case Study 6: New York City Financial District ………………………………………….. 6-10 6.3 Building Yards ……………………………………………………………… …………………………………… 6-1 3 6.4 Plazas ……………………………………………………………… ………………………………………….. 6-1 6 6.5 Access Points ……………………………………………………………… ……………………………………. 6-2 2 6.6 Intermodal Systems ……………………………………………………………… ……………………………. 6-2 3 6.7 Parking ……………………………………………………………… ………………………………………….. 6-2 5 6.7.1 Introduction ……………………………………………………………… …………………………… 6-2 5 6.7.2 Public Street Parking ……………………………………………………………… ………………. 6-2 6 6.7.3 Underground Parking and Parking Beneath Buildings …………………………….. 6-2 8 6.8 Loading Docks and Service Areas ……………………………………………………………… ……………. 6-3 1 6.9 Physical Security Lighting ……………………………………………………………… …………………….. 6-3 3 6.10 Infrastructure and Site Utilities ……………………………………………………………… …………….. 6-3 6 6.11 Conclusion ……………………………………………………………… ………………………………………… 6-3 9 APPEnDicEs Appendix A: Defensible Space and CPTED: Origins and Application ………………………………………………. A-1 A.1 Introduction and Background ……………………………………………………………… …… A-1 A.2 CPTED Basic Strategies ……………………………………………………………… …………….. A-2 A.3 CPTED Strategies for Site Protection …………………………………………………………. A-3 A.4 CPTED Today ……………………………………………………………… …………………………… A-4 A.5 CPTED Sources of Information ……………………………………………………………… …. A-6 TABLE OF CONTENTS xiii Appendix B: Bibliography ……………………………………………………………… ………………………………….. B-1 B.1 FEMA Risk Management Series Publications ……………………………………………… B-1 B.2 Future Risk Management Series Publications …………………………………………….. B-1 B.3 FEMA Training Course ……………………………………………………………… ……………… B-2 B.4 Other FEMA Publications ……………………………………………………………… …………. B-2 B.5 Other Publications and Articles ……………………………………………………………… …. B-2 B.6 CPTED Bibliography ……………………………………………………………… ………………… B-5 Appendix C: Acronyms and Abbreviations ……………………………………………………………… ……………… C-1 BACKGROUND 1 1-1 BACKGROUND 1.1 INTRODUCTION A fter September 11, 2001, many cities have experienced a pro – liferation of security measures around federal and private buildings. In some cases, these installations have been con – sidered successful from a security, architectural, urban planning, and cultural preservation standpoint. In other cases, however, the installation of security barriers has been acknowledged as detrimental to the func – tion, quality and viability of the public realm. Restricting access can cause significant traffic congestion and can create unnecessary obstacles on streets and sidewalks, that minimize the efficiency of pedestrian and ve – hicle circulations systems and prevent the access of first responders in emergencies. How exposed we are to manmade disaster still remains a difficult ques – tion to answer in spite of the advances that have been made in the last few years in identifying potential acts of terrorism. To stop a terrorist or phys – ical attack on a site or building is very difficult. Any site can be breached or destroyed. Weapons, tools, and tactics can change faster than sites or buildings can be modified. Terrorism involves violent acts or acts dan – gerous to human life. These acts appear to be intended to intimidate or coerce a civilian population and influence government policy. Aggressor tactics run the gamut: moving vehicle bombs; stationary ve – hicle bombs; bombs delivered by persons (suicide bombers); exterior attacks (thrown objects like rocks, Molotov cocktails, hand grenades, o r hand-placed bombs); attack weapons (rocket-propelled grenades, light anti-tank weapons, etc.); ballistic attacks (small arms handled by one indi – vidual); covert entries (gaining entry by false credentials or circumventing security with or without weapons); mail bombs (delivered to individual s); supply bombs (larger bombs processed through shipping departments); airborne contamination (chemical, biological, or radiological [CBR] agents used to contaminate the air supply of a building); and waterborne CBR agents injected into the water supply. Increasingly, the design community has become aware that security can no longer be viewed as a stand-alone capability. FEMA 430 promotes the adoption of sound mitigation measures that address both security needs and the functions, operations and aesthetic quality of the public realm. The better the site is designed to withstand a terrorist attack, the bet ter BACKGROUND 1-2 the odds the building will not be attacked or, if attacked, will suffer less damage and more lives can be saved. FEMA endorses the view that the adoption of security measures can be, in many cases, cost-effective and can increase the overall efficiency and performance of sites and buildings. FEMA promotes the fact that security design needs to go hand-in-hand with good urban design practices and the preservation of urban land – scapes in which cities will remain as viable places in which to live. This chapter provides some historical background on the design of sites and buildings to resist physical attack, followed by a note on contempo – rary developments in building security that were initially developed in response to attacks on U.S. embassies abroad in the 1980s. A set of gov – erning principles is stated to guide a design team involved in balancing security needs with urban design. A basic concept of security design promoted in this publication is the concept of the three layers of defense, which is explained in Chapter 3, Section 3.2. The intent of this approach is to structure a defense in de pth that creates cumulative security barriers that must be penetrated. Final ly, the chapter closes by emphasizing the need for an integrated, holistic a p – proach to security design. 1.2 THE EVOLUTION OF SITE SECURITY DESIGN 1.2.1 SOmE HISTORICAL BACKGROUND T he design of buildings to protect occupants from attack is as old as the history of architecture itself. The development of gun – powder and cannon in the middle ages forced walls to become lower and thicker in protection against cannon balls. The eventual result was the bastioned fort, which was developed in increasingly elaborate forms. With a broad open space in front of the moats; the drawbridge, inner and outer entries, the high walls with slit openings and the well guarded towers, the complex, in its mature form, shows all the elements that are present in today’s doctrine of the three layers of defense against attack (Figure 1-1). The design of military structures to resist artillery fire or bombs is a spe – cialized task that does not normally enter into the design of everyday buildings. However, design for security in the sense of protecting occu – pants from criminal behavior is a familiar, if not prominent, aspect of everyday design. Limited for a long time to the application of locking de – vices, barred windows in urban areas and the like, the rise in the extent and BACKGROUND 1-3 sophistication of everyday crime — such as shoplifting — has resulted in the development of surveillance devices now familiar to us, such as closed-cir – cuit TV, that would have been inconceivable only a generation or so ago. Similarly, the closed building site with perimeter chain link barriers has become commonplace: the closed grade school campus, with visitors funneled through the administration office, and perhaps a local police of – ficer’s presence, is one such phenomenon. The gated community in an affluent suburb with its radio-controlled gate and guard house matches the more familiar benign custodian of the entrance to an upscale apart – ment in a major city. 1.2.2 CONTE mpORARY DEVELO pmENTS IN BUILDING SECURITY Of the attacks in the United States that occurred on September 11, 2001, the devastating attack on the World Trade Center (WTC) in New York and the Pentagon in Washington demonstrated in full measure the hor – rors of explosive attacks on large buildings. The WTC destruction was an extraordinary and pernicious triumph in the war against buildings and their occupants that had its origins in World War II, in systematic city destruction, and more recently, in terrorist at – tacks against American embassies in Africa and the Middle East and against public and commercial buildings in the United Kingdom during the intense Irish Republican Army activity in the 1980s and 1990s. They are summarized in Section 1-5. The WTC had been previously attacked by Figure 1-1: Mediaeval castle elements. SOURCE: FEMA E 155 BACKGROUND 1-4 a truck bomber in 1993 in an attempt to cause collapse, resulting in som e loss of life and considerable damage but no catastrophic collapse (see Section 1.5.2.4). Some of the characteristics of the September 11, 2001, attack on the WTC are described below. The attacks used an extraordinary weapon (Figure 1-2). The figure shows a Boeing 767 superimposed to scale against the floor plan of a WTC tower. In this instance the explosive fireball occurred several hundred feet above the ground and caused the collapse of the two towers. Debris from the collapsing towers severely damaged buildings close by and caused the complete collapse of WTC-7, a 57-story tower adjacent to the site. The WTC towers had been designed to withstand the accidental impact of a Boeing 707 seeking to land at a nearby airport; the airplane was es ti – mated to have a gross weight of 263,000 pounds and a flight speed of 1 80 mph with a modest fuel load. The Boeing 767-ER type aircrafts that hit both towers on September 11 had estimated gross weights of 274,000 pounds and flight speeds of 470 to 590 mph on impact with near- full loads of fuel. The burning fuel proved to be the deciding factor in the collapse of the towers. These differences in the design threat and the actual attack illustrate the critical importance of establishing the design basis threat, as described in the risk assessment pro – cess outlined in the next chapter. The nature of the design, the assets (consequences), and the building vulnerabilities lead to the overall risk assessment that drives the consideration of alternative protection strategies. Figure 1-2: The extraordinary weapon. The figure shows the relative size of the Boeing 767 and the World Trade Center towers, the weight of the airplane, and its fuel load. SOURCE: FEMA 403, WORLD TRADE CENTER, BUILDING PERFORMANCE STUDY, FEMA, 2002 A preliminary account of the WTC attack is provided in FEMA 403, World Trade Center Building Performance Study: Data Collection, Preliminary Observations, and Recommendations. In addition, the National Institute of Standards and Technology has conducted a number of detailed studies and developed recommendations for building code changes as a result of the WTC experience. For information, go to http://wtc.nist.org. BACKGROUND 1-5 The WTC attack in its size and planning was a unique event. A decision to include aircraft impact as a design parameter for a building would clearly result in a major change in the design, livability, usability, and cost of buildings. The bomb delivered by car or truck is the terrorist weapon of choice against buildings because it is relatively simple to mount an at – tack. As was shown in the United States in Oklahoma City in 1995, a single large bomb exploded close to the Murrah federal building in Oklahoma City, causing devastating damage and many casualties (Figure 1-3). While vehicle barriers would clearly not protect against an air a ttack, for the Murrah building a properly designed barrier system and ade – quate stand-off would probably have significantly reduced the impact o f the attack. A summary of the attack on the Murrah building is provided in Section 1.5.2.6. Most commercial buildings are in downtown areas, and the building site under consideration for protection may not be the target of attack. However, the site may be close to one or more high-profile targets, in which case the entire site and any adjacent buildings will be subject to collateral effects, which will vary in severity depending on the proximity to the target and the magnitude of the attack. Security strategies and devices had been under development since the embassy bombings of the 1980s. The Department of State began imple – menting perimeter protection and access control at some embassies to prevent vehicles from penetrating into critical areas within the facilit ies. At the same time, extensive research was undertaken on the resistance of buildings to blast and issues such as progressive collapse and glass breakage. Military planners also developed formal methodologies for the assessment of threats, vulnerabilities, and risk. Figure 1-3: The Murrah Federal Building, Oklahoma City 1995. SOURCE: FEMA 277, ThE OkLAhOMA CITY BOMBING: IMPROvING BUILDING PERFORMANCE ThROUGh MULTI-hAzARD MITIGATION BACKGROUND 1-6 Well before September 11, 2001, military security approaches had begun to be investigated for their application in the civilian environ – ment. For example, in 1995 the National Academy Press published Protecting Buildings from Bomb Blast: Transfer of Blast Effects Mitigation Technologies from Military to Civilian Applications. In 1997 the General Services Administration (GSA) published the Draft Security Criteria. In 1995 the federal Interagency Security Committee (ISC) was established by Executive Order 12977 to develop long-term construction standards for locations requiring blast resistance or other specialized security measures. In a series of working group discussions, the ISC revised and updated GSA’s Draft Security Criteria , taking into account technology de – velopments, the experience of practitioners applying the criteria, and recognition of the need to balance security requirements with building environments that remain open, lively, and accessible. The result was Security Design Criteria for New Federal Buildings and Major Modernization Projects , published in 2001. The GSA and ISC documents are significant in that they were the first attempt to truly integrate security into e very facet of the design and construction of a facility for non-Department- of-Defense (DoD) organizations. Prior to these documents, security was generally an afterthought: the last item added and the first item cut from any typical project. Over the past several years, many facility owners who are not required to implement the ISC requirements have adapted and adopted the cri – teria. Other criteria exist specifically to meet the unique needs of o ther agencies such as the Department of Defense and the Department of State. Other agencies have provided guidance, rather than standards, to both public and federal agencies in a number of publications. FEMA has provided an ongoing series of publications providing guidelines for a number of aspects of security design that are described in Section 1.4. From the experience and studies of blast effects on buildings, the impor – tance of distance (between the building and the bomb) became recognized and led to the concept of the protected setback, now called stand-off, as an effective mitigation of blast. In turn, this has led to stand-off dis tance re – quirements becoming a standard element in security design and a de facto regulatory requirement in the design of buildings constructed or leased by federal government agencies. This one issue alone at once highlighted the site as a major security design arena, and site planning became a major factor in the aim to reduce the effect of explosive attack. In 1997 the United States Air Force Center for Environmental Excellence published Installation Force Protection Guide that included chapters that covered comprehensive planning and facility site planning. The material in these chapters became one of the foundations of security measures recommended to this day for perimeter and site security. BACKGROUND 1-7 1.3 THE I mpACT OF SECURITY NEEDS ON SITE AmENITY T he impact of 9/11, particularly in Washington and New York, was so traumatic that many security measures were quickly applied on an ad hoc basis. For example, the ubiquitous Jersey barrier is one of many devices used as perimeter security that, if not properly located , can degrade the quality and character of public space and severely detra ct from the sense of openness and accessibility that are features of an att rac – tive and functional urban environment (Figure 1-4). Figure 1-4: Jersey barriers installed in New York City and Washington D.C. after 9/11. SOURCE: TOP LEFT, NYPD; TOP RIGHT, NYPD; BOTTOM LEFT, NYPD; BOTTOM RIGHT , NCPC The possibility that a focus on building security design might have det – rimental effects on the aesthetic and functional quality of buildings and their surroundings had been recognized before 9/11. In November 1999 the GSA and the American Institute of Architects convened a symposium on security and the design of public buildings entitled Balancing Security and Openness, in which potential conflicts between security needs and tra – ditional building amenities were debated. BACKGROUND 1-8 In the following year, the National Capital Planning Commission (NCPC), an influential public agency entered the discussion. NCPC is the federal government planning agency in the capital region. Concerned by the number of hodge-podge security solutions being in – stalled by individual federal agencies after the Oklahoma City bombing and the attacks of September 11, 2001, NCPC convened a task force to address and report on the impacts, including street and sidewalk clo – sures, and the detrimental physical, visual and psychological consequences that unplanned and uncoordinated perimeter security was causing the city and its historic resources. This was published as the National Capital Urban Design and Security Plan in October 2002. Figure 1-5 shows a typical proposal from the plan. The NCPC Plan focuses exclusively on perimeter building security designed to protect employees, visitors, and federal functions and prop – erty from threats generated by unauthorized vehicles approaching or entering sensitive buildings. It does not address other kinds of se – curity measures such as building hardening, operational procedures, or surveillance. The goal of the plan is to restore the beauty of the nation’s capital by integrating building perimeter security into an at – tractive streetscape and by coordinating the design and installation of streetscape products. Figure 1-5: Streetscape, corner of 17th Street and Pennsylvania Avenue, Washington, D.C. SOURCE: NCPC BACKGROUND 1-9 1.4 FEmA pUBLICATIONS ON BUILDING SECURITY S ince 2003, FEMA has published, as part of the Risk Manage – ment Series (RMS), several publications that deal directly with the security of the building site and site development. The RMS is a collection of publications directed at providing design guidance to mitigate the consequences of man-made and natural disasters against buildings. This series includes the following publications: m FEMA 426: Reference Manual to Mitigate Potential Terrorist Attacks Against Buildings discusses selected methodologies for risk assessment; architectural and engineering design considerations; blast theory related to the dynamics of the blast pressure wave, the response of building components; and CBR measures that can be undertaken to mitigate potential terrorist attacks. An entire chapter is devoted to site and layout design guidance that describes site-level consideration and provides concepts for integrating land use planning, landscape architecture, site planning, and other strategies to mitigate the design basis threat. m FEMA 427: Primer for Design of Commercial Buildings to Mitigate Terrorist Attacks addresses four high-population, private-sector building types: commercial office, retail, multifamily residential, and light industrial. This manual contains extensive qualitative design guidance for limiting or mitigating the effects of terrorist attacks. It includes a chapter on design guidance describing site location and layout, perimeter line, controlled access zones, physical protective barriers, effectiveness of anti-ram barriers, and a checklist for site and layout design guidance. m FEMA 428: P rimer to Design Safe School Projects in Case of Terrorist Attacks provides the design community and school administrators with the basic principles and techniques to make a school a safer place in case of terrorist attacks. This publication includes a chapter on site and layout design guidance that addresses comprehensive architectural and engineering design considerations for the school site, from the property line to the school building. m FEMA 452: Risk Assessment: A How-To Guide to Mitigate Potential Terrorist Attacks Against Buildings is a comprehensive methodology to prepare risk assessments. This publication includes an extensive checklist and database that allows practitioners to analyze and rank site and building vulnerabilities. It introduces the concept of layers of defense that structures a defense in depth by creating cumulative security barriers that must be penetrated. BACKGROUND 1-10 m FEMA 453: Safe Rooms and Shelters provides guidance for engineers, architects, building officials, and property owners to design shelters and safe rooms in buildings. The section on “Staging Areas and Designated Entry and Access Control Points” is particularly relevant to site planning and design. m FEMA E155: Building Design for Homeland Security is a course of instruction that comprises all key materials introduced in the RMS Publications. The purpose of E155 is to familiarize students with assessment methodologies available to identify the relative level of ris k for various threats. This course devotes a section to “Site and Layou t Design Guidance,” addressing topics such as land use considerations, layout and form, vehicular and pedestrian circulation, landscape, and semi-urban and urban design. This course emphasizes best practices, addressing prime concerns related to the design and placement of physical barriers. It addresses concerns about densities (from high to low) in urban areas. This course is offered nationwide to federal, state, and municipal agencies and private-sector owner and manager associations. 1.5 BUILDING DA mAGE FRO m TERRORIST ATTACK: EXA mpLES AND LESSONS 1.5.1 INTRODUCTION T his section provides summaries of terrorist attacks on buildings throughout the world. There are three main purposes in these accounts: m To show that information on large-scale terrorist bomb attacks on buildings is now based on over twenty years of experience, which has resulted in the development of many counter-measures. m To provide a sense of the effects of terrorist attacks on buildings and their occupants, the variety of groups or individuals that perpetrate these attacks, the kinds of targets that are selected, and the longer- term effects of attack. m To indicate specific lessons learned from the attacks that have been selected. For the United States, the rise of terrorist attacks as a significant problem began in the Middle East with attacks on military installations and U.S BACKGROUND 1-11 Department of State embassies and consulates. The Department of State and the military published a number of studies following these attacks in which many of the main principles of building protection were identifi ed. These principles form the basis of measures now being implemented in other institutions and private companies that are considered possible ta r – gets of attack. Experience in other countries, such as the United Kingdo m and Israel, has also provided much information on the vulnerabilities of buildings and the effectiveness of protection methods. 1.5.2 SELECTED EXA mp LES OF TERRORIST ATTACKS ON BUILDINGS The following sections provide short descriptions of terrorist attacks o n buildings, presented in chronological order. Each of the examples is accompanied by a summary of “lessons learned.” These lessons are pre – sented in terms of the threat, asset value, and vulnerability, which are aspects of the risk assessment described in Chapter 2. In addition, the les – sons are related to the three layers of defense, summarized in the box below, and the Community Context, both of which are described in detail in Chapter 3. All the information presented has been obtained from publicly avail – able sources. Dollar values quoted are contemporary with the incident discussed. THE THREE LAYERS OF DEFENSE First Layer of Defense Outside the site boundary or defended perimeter Second Layer of Defense Between the site boundary or defended perimeter and the building or other defended assets Third layer of Defense The building envelope and structure and the interior assets BACKGROUND 1-12 1.5.2.1 United States Embassy, Beirut, Lebanon, April 1983 The U.S. Embassy in Beirut, Lebanon, was attacked at about 1:00 p.m. on April 18, 1983, by a delivery van, reportedly stolen from the embassy, driven by a suicide bomber with about 2,000 pounds of explosive. It drov e up to the embassy and parked under a portico at the front of the buildin g, where it exploded. The front section of the embassy collapsed, killing 6 3 people, 17 of whom were Americans, including the entire U.S. Central Intelligence Agency Middle East contingent. Most of the victims were at lunch and were killed by the collapsing building. The building was a seven-story structure of reinforced concrete (Figure 1-6). The Islamic Jihad is believed to have been responsible for the attack. I t was seen by some as marking the beginning of anti-U.S. attacks by Islami c groups. The embassy relocated to Awkar, north of the capital, where a second bombing killed 11 and injured 58 in September 1984. In 1989 the Embassy closed, and all American staff was evacuated due to security threats. The embassy re-opened in November 1990. Figure 1-6: U.S. Embassy at Beirut, Lebanon. SOURCE: © BETTMANN/ CORBIS BACKGROUND 1-13 1.5.2.2 marine Barracks, Beirut, Lebanon, October 1983 At around 6:30 a.m. a Mercedes delivery truck drove to Beirut International Airport, where the United States Marines had their head – quarters. The truck turned onto an access road leading to the compound and circled a parking lot. The driver accelerated, crashed through a barbed-wire fence in the compound parking lot, passed between two sentry posts, crashed through a gate, and barreled into the lobby of the Marine Headquarters building. The marine sentries did not have loaded weapons and thus were not able to shoot the driver. The suicide bomber then detonated his truck, which contained 12,000 pounds of explosive. LESSONS LEARNED Risk – Threat Ratingm A suicide bomber manages to drive truck under portico. Risk – Asset Value m Highest asset value: U.S. Embassy in central Beirut. Risk – Vulnerability Rating m Nonductile structural design. m Nonredundant structure. m Building entrance vulnerable to vehicle penetration. Security Design – First Layer of Defense m No barriers or any defense features were present in the first line of defense. Security Design – Second Layer of Defense m Only width of sidewalk represented second layer of defense. m No defense features in the second layer of defense. m Car was able to reach the entrance of the building. Security design – Third Layer of Defense m Non-hardened structure that cannot compensate for the nonexistent first and second layers of defense. m No progressive collapse-worthy design. m Reinforced concrete connections at spandrel beams were not adequate. Community Context m Numerous casualties. m After relocation, a repeat bombing of the embassy occurred. BACKGROUND 1-14 The force of the explosion collapsed the four-story cinder-block building into rubble, crushing to death many inside. Rescue efforts continued for days. Although hindered by sniper fire, rescuers pulled some survivors from the rubble. The death toll was 220 marines, 18 navy personnel, and 3 army soldiers. Sixty Americans were injured. The attack caused the greatest single-day death toll for the American mi l – itary since the battle of Iwo Jima and remains the deadliest attack on Americans overseas. LESSONS LEARNED Risk – Threat Rating m A suicide truck bomber penetrated to the building lobby where the explosion caused the building to collapse, resulting in many casualties. Risk – Asset Value m Marine headquarters and nearby Beirut International Airport are high asset value facilities in same locale. Risk – Vulnerability Rating m Lobby not protected from car-ramming. m Design allows cars to accelerate as they approach the building. m Cinder block walls. m Nonductile construction. m Nonredundant structure. Security Design – First Layer of Defense m Barbed wires, wide sentry posts, nonresilient gate and nonsuspecting guards were not enough to prevent the car from breaking through the first layer of defense. Security Design – Second Layer of Defense m The parking area around the building did not have design features that might have slowed or stopped the car from driving into the building lobby. m Landscaping materials might have been beneficial. m Car could accelerate into building. Security Design – Third Layer of Defense m Car bomber was able to penetrate into the building lobby. m Concrete framed construction with no ductile detailing allowed a large interior blast to cause the structure to partially collapse. Community Context m The building was located near Beirut International Airport, a location that has limitations and vulnerabilities. m Deadliest attack on Americans overseas. BACKGROUND 1-15 1.5.2.3 Baltic Exchange, City of London, April 1992 Founded in the mid-eighteenth century, the Baltic Exchange is a U.K. company that operates the premier global marketplace for shipbrokers, ship owners and charterers. It occupied a building built in 1903 that wa s listed as historic. In April 1992, at 9:20 p.m., the offices of the Baltic Exchange at 30 St. Mary Axe in the City of London were virtually destroyed in an Irish Republica n Army (IRA) bomb attack. A small truck pulled up in St. Mary Axe, a narrow street in the heart of London’s financial district. Inside the truck was the first large fertilizer-based home-made explosive device ever to be exploded: the bomb’s power was enhanced by a Semtex-based detonating cord wrapped around the explosives. Although most of the office worker s had gone home, the bomb killed three people, all by flying glass, and in – jured 91. The damage was estimated at about $1.2 billion (Figure 1-7). The day after the explosion, a witness wrote: “The area that had been damaged not only extended well beyond what anyone would have believed knowing the location of the bomb: damage done to this area was phenomenal. The impact of the explosion had showered the direct area with endless mountains of glass, and nearly all of the windows of the adjoining Commercial Union skyscraper were knocked to smithereens. The force had also damaged many other buildings and destroyed windows over a vast area and damaged cars.” Figure 1-7: Damage to surrounding buildings © MATTHEW POLAK/CORBIS BACKGROUND 1-16 Because of the building’s historic value, initial attempts were made to re – store the façade, but the damage proved to be more than at first re alized. The exchange sold the land to a developer and the building was disman – tled in 1998 at a cost of $6 million, packed in wooden crates, and stored in a barn. In 2004 the remains were offered for sale. The site is now oc cu – pied by a 41-story office building that was christened the “Gherkin” by the public (Figure 1-8). Figure 1-8: The “Gherkin”: 30 St. Mary Axe, London. LESSONS LEARNED Risk – Threat Rating m First use of large home-made fertilizer-based explosive device. m Financial districts within a congested urban setting have a high threat rating. Risk – Asset Value m Special difficulties encountered in the aftermath due to the historical character of the building. m Early example of attack on private financial service building rather than military or government facility. m Importance of collateral damage in estimating asset value. BACKGROUND 1-17 LESSONS LEARNED (continued) Risk – Vulnerability Rating m Nonreinforced masonry-bearing walls have high vulnerability rating. m Glazing can cause immense damage if not properly designed. Security Design – First Layer of Defense m The narrow street of St. Mary Axe did not offer an adequate setback, especially for a non-ductile frame building such as the Baltic Exchange. m A comprehensive first line of defense was needed for such a congested urban area with high value assets such as the Baltic Exchange. Security Design – Second Layer of Defense m The urban setting did not permit use of a second line of defense. Security Design – Third Layer of Defense m Importance of ductile structural systems. m Importance of retrofitting older nonductile systems, especially in historic buildings. m Need for adequately designed glazing. m Importance of collateral damage when considering security of infrastructures. Community Context m Redevelopment of the site with an iconic high-rise building. 1.5.2.4 World Trade Center, New York City, Februar y 1993 On Friday, February 26, 1993, at 12:18 p.m. a large explosion ripped through the public parking garage of the World Trade Center. The explo – sion resulted in six deaths, more than 1,000 injuries, and $300 million in property damage. The explosion was caused by a 1,500-pound urea-nitrate bomb (equiv – alent to about 900 pounds of TNT) packed in a rented Ford van, detonated by a timer after the van had been parked in the base – ment parking garage. The explosion created a crater 200 feet by 100 feet and several stories deep. The towers’ power and emergency sys – tems were wrecked. Most of the injuries were due to smoke inhalation (Figure 1-9). BACKGROUND 1-18 Within a month, four individuals were apprehended as responsible for the blast. One, Mohammed Salameh, had been traced through a frag – ment of metal at the scene with the serial number for a Ford van belonging to a Jersey City Ryder rental agency. On March 4, 1994, a jury convicted all four defendants on all 38 counts against them, and each was sentenced to 240 years in prison and a $250,000 fine. A large body of evidence suggested that the WTC conspirators were “transna – tional terrorists” inspired and assisted by several Islamic militant groups operating in the United States and abroad but not a formal part of any of them. Figure 1-9: Damage in WTC garage caused by the 1993 bomb attack. SOURCE: © MIKE SEEGAR/ CORBIS LESSONS LEARNED Risk – Threat Rating m Use of home-made fertilizer –based explosive device. Risk – Asset Value m Very high asset value. m High potential collateral damage due to congested urban conditions. Risk – Vulnerability Rating m High vulnerability of parking structures under buildings. m Importance of access control of cars and individuals. m Importance of adequate egress means. BACKGROUND 1-19 1.5.2.5 Bishopsgate, City of London, April 1993 A bomb hidden in the back of a large truck exploded in a narrow street, killing one person and injuring more than 40. The bomb was home-made with about one ton of fertilizer and was similar to the bomb that devas – tated the nearby Baltic Exchange, noted in Section 1.5.2.3. The explosio n shook buildings and shattered hundreds of windows, sending glass show – ering down into the streets below. A mediaeval church, St. Ethelburga’s, collapsed. Another church and the Liverpool Street underground station were also wrecked. The cost of repairing the damage was estimated at more than $1.5 billion . Repairs to the Baltic Exchange had just been completed and the building re-opened, when the same bank was damaged in the April Bishopsgate blast. Huge payouts by insurance companies contributed to a crisis in th e industry, including the near financial collapse of the world’s leading in – surance market, Lloyds of London (Figure 1-10). LESSONS LEARNED (continued) Security Design – First Layer of Defense m No access control. m Bollards and barriers were not an issue in this event, since the van was able to get inside the building. Security Design – Second Layer of Defense m Not an issue in this event. Security Design – Third Layer of Defense m Strong columns at base of tall building prevented major structural damage. m Loss of large floor areas, while the supporting column remained standing showed importance of hardened floors in vulnerable conditions. m Loss of power and emergency systems showed importance of redundant, hardened and reliable utility and emergency service design. m Importance of multidisciplinary design. Community Context m High value buildings in relatively congested urban areas showed the need for community context defense strategies. m Ensuing litigation showed that all stake holders need to take adequate steps to protect the public. BACKGROUND 1-20 Figure 1-10: Damage to surrounding buildings SOURCE: © CORBIS LESSONS LEARNED Risk – Threat Rating m A concentration of historic buildings, underground infrastructure, active businesses, and retail entities in a congested urban setting increases threat rating. m Home-made fertilizer-based device as a blast source. Risk – Asset Value m Large collateral damage to surrounding buildings in a dense urban setting caused crises in the insurance industry. Risk – Vulnerability Rating m Older underground infrastructures can be vulnerable from surface attacks. m Historic construction is particularly vulnerable due to mostly nonductile construction practices. Security Design – First Layer of Defense m Urban alleyways need protection by system of barriers and bollards to provide adequate setback. Security Design – Second Layer of Defense m Narrow alleys do not offer second layer of defense. Security Design – Third Layer of Defense m Showed vulnerability of glass curtain walls to blast. m Medieval church collapsed due to archaic construction practices. m Liverpool Street subway station was wrecked. Shows importance of 360 degree defense. BACKGROUND 1-21 1.5.2.6 murrah Federal Building, Oklahoma City, April 1995 On April 19, 1995, at 9:02 a.m., a truck bomb exploded outside the Alfre d P. Murrah Federal Building in Oklahoma City, causing 168 fatalities. The bomb was packed in a rented truck. It is estimated that the 7,000-pound bomb had a yield of about 4,000 pounds TNT, and the stand-off distance was less than 20 feet. The blast blew off the front façade of the bu ilding and caused progressive collapse of part of its structure. The nine-story building was constructed in 1977 and contained the re – gional offices of the Secret Service; the Drug Enforcement Agency; and the Bureau of Alcohol, Tobacco, Firearms, and Explosives; and several other federal and state agencies. Of the 361 building occupants, 118 workers, 15 children in day care, 4 children visitors, and 26 adult visitors were killed. One hundred sixty- six people were injured. Two people were killed and 39 injured in the adjoining Water Resources Board Building, and one person was killed and four injured in the adjoining Athenian Building. One person was killed and 60 were injured outside, and 167 injuries occurred in other buildings near the blast. Over 300 buildings were damaged or destroyed (Figure 1-11). Ninety minutes after the explosion, an Oklahoma Highway Patrol officer pulled over Timothy McVeigh for driving without a license plate. Shortly before he was to be released on April 21, McVeigh was recognized as a bombing suspect and charged with the bombing. His companion, Terry Nichols, was also charged with the bombing. Both were convicted: McVeigh was executed on June 11, 2001, and Nichols was sentenced to life in prison in May 2004. The building was demolished by implosion in May 1995. LESSONS LEARNED (continued) Community Context m Diverse communities in an urban setting such as Bishopsgate need to combine their resources to provide for sensible strategies against bomb blast. m Historic buildings, which can be a source of pride and symbols of the community, need some measure of retrofit to increase ductile behavior of the structure. If that is not feasible, adequate stand-off must be provided. BACKGROUND 1-22 Figure1-11: This figure shows the site layout and impact location of the Murrah Federal Building after the bombing of 1995. Collateral damage in adjacent sites and buildings was substantial. SOURCE: FEMA 277, ThE OkLAhOMA CITY BOMBING: IMPROvING BUILDING PERFORMANCE ThROUGh MULTI-hAzARD MITIGATION BACKGROUND 1-23 1.5.2.7 Town Center, manchester, England, June 1996 On June 15, 1996, at a peak shopping time on Father’s Day, a 3,000-pound IRA bomb (equivalent to about 1,800 pounds of TNT) exploded in Manchester, the second largest city in the United Kingdom, injuring more than 200 people and ripping into the fabric of the city’s main shopping center (Figure 1-12). LESSONS LEARNED Risk – Threat Rating m Due to the location of the building in Middle America, the threat was not felt to be high. The event changed that line of thinking. m Another use of a home-made fertilizer-based device as a blast source. Risk – Asset Value m High asset value of a federal building. Risk – Vulnerability Rating m Needed hardened structural and envelope design because of limited setbacks. m Importance of choice of structural systems to increase redundancy and prevent progressive collapse. Security Design – First Layer of Defense m Setback (width of sidewalk) was not enough to prevent the devastating effects of the bomb. Security Design – Second Layer of Defense m No measures for second layer of defense. Security Design – Third Layer of Defense m Showed damaging effects of transfer girders. m Importance of redundant and ductile structural design. m Importance of adequate glazing design, particularly for buildings that are close to a high value target. m Importance of adequately designed egress systems. Community Context m High collateral damage even at long distances from ground zero. m Importance of community context design strategies for high-value targets in an urban setting. BACKGROUND 1-24 Major casualties were avoided because about an hour before the blast sev – eral telephone warnings, using a recognized IRA code word, had been sent to newspapers, radio and television stations, and at least one hosp ital, and police began clearing people away from the site twenty minutes later . An army bomb squad was employing a robotic anti-bomb device to check an illegally parked van, which had been recorded by several closed-circu it security cameras in the city, when the bomb exploded. Most injuries were sustained from falling glass and building debris. The main railroad stations were closed for several hours, and the city center was sealed off. The evacuation of shoppers took place from the Marks and Spencer Department Store at the center of the site, outside which th e truck bomb was parked. It was estimated that up to 450,000 square feet of retail space and abou t 200,000 square feet of office space subsequently needed to be recon – structed. A master plan was quickly set in place for the redevelopment o f the city center. An international urban design competition was launched one month after the bombing, providing a cohesive plan for rebuilding. After four years the devastated zone was completely restored. Marks and Spencer rebuilt on its original site, with its largest store in the worl d (Figure 1-13). Figure 1-12: Manchester shopping center damage. SOURCE: © MATTHEW POLAK/CORBIS BACKGROUND 1-25 Figure 1-13: New Marks and Spencer Store, Manchester. LESSONS LEARNED Risk – Threat Rating m Avoidance of casualties by advance warning characteristic of IRA approach to limit public criticism of attacks. This reduces threat rating. m Preparedness in having anti-bomb devices available soon after threat is detected. Risk – Asset Value m Example of attack on shopping area with objective of urban disruption and terrorism rather than attacking military or political targets and installations. m In estimating asset value, cost of business interruption should be included in any analysis. Risk – Vulnerability Rating m Older construction detailing. m Non-blast-resistant glazing and building envelope. Security Design – First Layer of Defense m The van parked along the street curb: setback was only the width of the sidewalk. BACKGROUND 1-26 LESSONS LEARNED (continued) Security Design – Second Layer of Defense m No measures for second layer of defense. Security Design – Third Layer of Defense m The tower was spared from major damage due to setback offered by lower floors. m No major structural failure due to the relatively small bomb size and the width of the sidewalk. m Most of the severe damage and injuries were caused by failure of the building envelope and shattered glazing. Community Context m The large scale of damage provided incentives and national funding assistance for a massive urban renewal project that had long been considered. m New Marks and Spencer store includes attractive all-glass façade. 1.5.2.8 Khobar Towers, Dhahran, Saudi Arabia, June 1996 Khobar Towers is part of a large housing complex in the city of Dhahran, Saudi Arabia. In 1996 it was being used to house foreign military per – sonnel, including Americans. At approximately 9:50 p.m. a truck bomb exploded, throwing a force equivalent to about 20,000 pounds of TNT di – rectly at Building 131. At the time this was the largest terrorist devic e ever directed at Americans. This eight-story building mostly housed United States Air Force personnel from the 4404th Fighter Wing. In all, 19 U.S. servicemen and one Saudi were killed and 372 injured (Figure 1-14). On the evening of June 25, a security policeman went to the top of Building 131 to check on two sentries posted there. From the roof they observed a sewage tanker truck and a white car enter the parking lot. They watched the truck drive to the second to last row, turn left as if leaving the lot, slow down, stop and then back up towards the fence line . It stopped directly in from to the center of the north façade of Buil ding 131. The truck’s driver and a passenger jumped out and hurried to a waiting car, which sped out of the parking lot. The security police acted rapidly: they radioed in an alert and started the evacuation plan to notify each floor of the building. Many of the evacuees were in the st air – well when the bomb went of. The stairwell was on the other side of the building away from the bomb, perhaps the safest location in the building. The actions of the guards saved many lives (Figure 1-15). BACKGROUND 1-27 As the blast waves hit the building, they propelled pieces of Jersey bar – riers into the first floor. The outer walls of the bottom floors were blown into rooms, and the facades of the floors peeled off and fell into a p ile of rubble. The building did not collapse because it had been built to Briti sh code standards and was made of prefabricated concrete cubicles that were bolted together. The bomb blasted a crater 35 feet deep and 85 feet across. For some time Saudi Arabia was almost wholly free of terrorism, and the kingdom was regarded as one of the world’s safest place for U.S. forces. Figure 1-14: The Khobar Towers housing complex, Building 131. SOURCE: © REUTERS/CORBIS Figure 1-15: Location of truck bomb and getaway car. BACKGROUND 1-28 However, in November 1995 a car bomb with the equivalent of about 220 pounds of TNT exploded in the courtyard of the Office of the Program Manager of the Saudi Arabia National Guard in Riyadh. As a consequence, the U.S. military reviewed the force protection mea – sures in the theater, and in Dhahran the 4404th Wing took action to increase the level of protection. The perimeter was completely sur – rounded by Jersey barriers and the alert status was raised. The setback between the roadway and the buildings was approximately 80 feet. Senior U.S. officials had concluded that the upper limit on a terrorist bomb that could be smuggled into Saudi Arabia was no higher than the 220-pound device used at Riyadh the previous year. Traffic patterns were reset and lengthened, road stars and tire shredders were put place, and barriers and a bunker sealed the entry way. LESSONS LEARNED Risk – Threat Rating m Showed importance of threat assessment and fallacy of relying on past experience. Risk – Asset Value m As housing units for U.S. military personnel, the asset value was high. Risk – Vulnerability Rating m Higher standard of structural redundancy reduced overall damage. m Casualties reduced by location of egress stairs at the back of the building away from potential blast sources. Security Design – First Layer of Defense m Showed importance of alert surveillance by guards. m Showed importance of well-anchored barriers. m Showed that non-anchored barriers can have a negative effect on building security. Security Design – Second Layer of Defense m Showed importance of adequate setback: a shorter setback would have resulted in much more structural damage. Security Design – Third Layer of Defense m Precast concrete bearing wall system prevented what might have been a total building collapse given the size of the blast. m Showed importance of structural redundancy: the structure was highly redundant. m Showed importance of strong building envelope: the outer buildings’ envelopes were not severely damaged. Community Context m Use of large trees could have had good aesthetic effect in the arid climate and at the same time interfered with blast pressures. BACKGROUND 1-29 1.5.2.9 The United States Embassy, Kenya, August 1998 The United States Embassy in Nairobi, Kenya, was attacked on August 7, 1998, at 10:30 a.m. local time, five minutes after an attack on the U. S. Embassy in Dar es Salaam, Tanzania. The building was a five-story rein – forced concrete structure, constructed under the supervision of the Foreign Buildings Operations in the early 1980s before the Inman Committee security standards were produced (Figure 1-16). The building was located at the intersection of two of the busiest stree ts in Nairobi near two mass transit centers. Terrorists driving a truck detonated a large bomb in the rear parking area near the ramp to the basement garage. The explosion killed 213 people, of whom 44 were embassy em – ployees (12 Americans and 32 foreign national employees). It is estima ted that 200 Kenyan civilians in the vicinity were killed and 4,000 injured by the blast. The following is an extract from a U.S. Department of State Accountability Review Board report: “Damage to the embassy was massive, especially internally. Although there was little structural damage to the building, the explosion reduced much of the interior to rubble — destroying windows, window frames, intern al office partitions and other fixtures on the rear side of the building. The secondary fragmentation from flying glass, internal concrete block walls, furniture, and fixtures caused most embassy casualties. The majority o f the Kenyan casualties resulted from the collapse of the adjacent Ufundi Building together with flying glass from the nearby Co-op Bank buildin g Figure 1-16: U.S. Embassy, Nairobi, Kenya. SOURCE: © EPA/CORBIS BACKGROUND 1-30 and other buildings located within a three-block radius. Other casualtie s were pedestrians or motorists in the crowded streets next to the embassy . The local-hire contract guards at the rear of the embassy saw the truck pull into the uncontrolled exit lane of the rear parking lot just as the y closed the fence gate and the drop bar after a mail van had exited the embassy’s garage. (The drop bar paralleled a series of steel bollards that encircled the embassy outside the steel grill fence that surrounded the chancery). The truck proceeded to the embassy’s rear access control area but was blocked by an automobile coming out of the Co-op Bank’s under – ground garage. The blocking automobile was forced to back up, allowing the truck to come up to the embassy drop bar.” LESSONS LEARNED Risk – Threat Rating m Threat rating considered low. Risk – Asset Value m The U.S. Embassy in Kenya is a high asset value. Risk – Vulnerability Rating m Building located at intersection of very busy streets close to mass transit centers. m Reinforced concrete structure designed prior to introduction of State Department requirements. m Many casualties caused by collapse of nearby building and flying glass from others. Security Design – First Layer of Defense m Inadequate setbacks (as short as 15 feet). Security Design – Second Layer of Defense m Truck was able to penetrate to parking area close to building. m Guards were alert but unarmed and unable to prevent truck penetration. Security Design – Third Layer of Defense m Limited structural damage but much interior damage. Most casualties caused by shattered glass, flying concrete block walls and furniture. m Windows covered by 4 mm mylar film, but frames not anchored to structure. Community Context m Many casualties to pedestrians and motorists in crowded streets near the Embassy. SOURCE: U.S. STATE DEPARTMENT , REPORT OF ACCOUNTABILITY REVIEW BOARDS, BOMBING OF U.S. EMBASSIES IN NAIROBI, KENYA AND DAR ES SALAAM, T ANzANIA, “ExECUTIVE OVERVIEW AND NAIROBI DISCUSSION AND FINDINGS;” BACKGROUND 1-31 1.5.2.10 U.S Embassy, Dar es Salaam, Tanzania, August 1998 On August 7, 1998, along with the embassy in Nairobi, Kenya, the United States embassy in the East African capital city of Dar es Salaam, Tanzania, was severely damaged in a truck bomb attack. The bomb killed 12 people and injured 85. Almost all the victims were African civilians; no Americans were among the fatalities, but many were injured, two seriously. The truck bomber drove to one of the two vehicular gates of the U.S. Embassy. Apparently unable to penetrate the perimeter because it was blocked by an embassy water tanker, the suicide bomber detonated his charge at 10:39 a.m. at a distance of about 35 feet from the outer wall of the chancery (Figure 1-17) The attack was linked to local members of the Al Qaeda terrorist network headed by Osama bin Laden; it was this incident that first brought him and Al Qaeda to international notoriety and led to the FBI placing him on the agency’s most wanted list. The following is an extract from a U.S. Department of State Accountability Review Board report: “The U.S. Embassy in Dar es Salaam moved into the former Israeli Embassy compound in May 1980. The embassy consisted of a three- story Chancery, originally built as the Israeli Chancery in the early 1970s and a four-story annex, added in 1980. Both buildings were located in an enclosed compound. The construction of both the Chancery and Annex was of reinforced concrete frame construction. Figure 1-17: Damage to the U.S Embassy, Tanzania SOURCE: AP/WIDE WORLD PHOTOS BACKGROUND 1-32 The floors and ceilings were of concrete slab design, and the exterior and partition walls were of concrete block. Ground floor windows in the Chancery were minimal, possibly designed to limit potential bomb damage. The chancery suffered major structural damage and was rendered unusable, but did not collapse. No one inside the chancery was killed, in part due to the strength of the structure and in part to simple luck. Several American Embassy residences were destroyed as were dozens of vehicles. The Ambassador’s residence, a thousand yards distant and vacant at the time, suffered roof damage and collapsed ceilings. The Chancery and Annex were surrounded by a perimeter wall that provided a 25-75 foot setback between the embassy and adjacent streets and properties. The base of the wall was a combination of concrete block and reinforced concrete, onto which tubular metal picket fencing alternated with concrete pilasters. Hardened guard booths were located at each of the entry ways to the compound Pedestrian visitor and vehicle screening was conducted at the perimeter, primarily at the entry where the bomber apparently intended to force access. Two vehicle entry gates allowed access to the compound; both were manually operated double-swing gates constructed of a tubular steel framework. Rising wedge barriers provided additional access control. Both of these were inoperative at the time of the bombings, and one had been out of repair for over two years despite attempts to make it operational. Vehicles were screened outside the gates by local guards with diplomatic security-provided inspection mirrors. A thorough review of the embassy security procedures was conducted by the regional security officer about two weeks before the attack. Alarm drills to identify contingencies, such as package bombs, were held on a weekly basis, and such a drill had been completed 30 minutes before the bombing. There were no drills, however, specifically designed to contend with vehicular threats.” BACKGROUND 1-33 LESSONS LEARNED Risk – Threat Ratingm Threat rating considered low. Risk – Asset Value m The U.S. Embassy in Tanzania is a high asset value. Risk – Vulnerability Rating m The reduction of setback from a State Department requirement of 100 feet to a range between 25-75 feet could have affected the vulnerability rating. Security Design – First Layer of Defense m The vehicle carrying the bomb failed to penetrate the perimeter because of the presence of a water truck that blocked its entry. Security Design – Second Layer of Defense m At the time of the explosion, the car was about 35 feet from the building. The second line of defense was not tested since the car failed to breach the first line of defense. Security Design – Third Layer of Defense m The 35-foot setback outside the chancery wall proved to be adequate to protect the building from major collapse even though the structure was severely damaged. Community Context m Several nearby buildings were damaged, including the ambassador’s residence. m Dozens of vehicles were destroyed. SOURCES: US STATE DEPARTMENT, REPORT OF THE ACCOUNTABILITY REVIEW BOARD, BOMBINGS OF THE US EMBASSIES IN NAIROBI, KENYA AND DAR ES SALAAM, T ANzANIA, FROM HTTP://WWW.STATE. GOV/WWW/REGIONS/AFRICA/BOARD_OVERVIEW .HTML; BACKGROUND 1-34 1.6 GOVERNING pRINCI pLES T he experience gained from the above events and others, such as the attacks on September 11, 2001, has provided the basis for a number of governing principles for site security design that are pre – sented below. They are intended as a non-mandatory guide to the design team as it approaches its design task. At an early stage the site owner, the stakeholders, and the design team should review and discuss these princi – ples and add to or modify them to suit the specifics of the risk asses sment, the nature of the site and the building, and the resources and objective s of the building owner, whether individual, corporation or institution. Some topics relate both to the site and the building because their desig n is intimately related. m To acknowledge the need to accept a reasonable level of risk is inherent in striking an appropriate balance between security provisions and other fiscal, planning, design, and operational objectives. m To encourage a multi-disciplinary approach to the selection of security measures that make appropriate use of intelligence information, operational and procedural measures (such as surveillance and screening), and physical design strategies. m To provide an appropriate balance between the need to accommodate perimeter security for sensitive buildings and their occupants and the need to maintain the vitality of the public realm. m To produce a coherent strategy based on deploying specific families of streetscape and security elements in which security is balanced with the process of achieving aesthetic continuity along streets and around buildings. m To provide site security protection in a manner that does not impede or excessively restrict operational use of streets and to the greatest extent possible preserves or enhances the site’s aesthetic and functional qualities. m To employ strategies that guarantee pedestrian mobility, traffic calming, and good access for first responders in case of natural or man-made disasters. m To provide flexibility for future protection by devising well thought out temporary measures that can be implemented for varying time spans when the threat level changes. BACKGROUND 1-35 m Even though security projects are complex and challenging in execution, all successful projects share these attributes: m A well-executed risk assessment process (as outlined in Chapter 2, Section 2.2) that defines the threat, assets, and vulnerability. The final risk assessment enables the property owner to determine the necessary level of protection, which in turn governs the selection of mitigation measures for the project and identifies the designers’ tasks. m A cost-benefit analysis that enables comparison of alternative protection methods and selection of an effective and affordable strategy. m A multi-disciplinary design team, including architect; landscape architect; civil engineer; security consultant (including blast consultant); mechanical, electrical and plumbing (MEP) consultants, transportation consultant; lighting and communication consultants; and artists. Early establishment of security/design collaboration is essential for a successful project. m Design consultants that can support the development of the risk management strategy by sharing information with the security consultants about the impacts, costs, and alternatives for proposed solutions. m A comprehensive understanding of the design requirements and components must be developed by all members of the design and owners teams. The systems, components, and materials needed for effective security and site design have unique technical and structural details which may initially be unfamiliar to some team members. m Early identification of the stakeholders in the project and communication with them throughout the development of the design. m A clear and well-managed design process. All aspects of the project must be addressed from the very beginning and a decision-making procedure devised that balances multiple goals, objectives, and criteria. Negotiation is an essential part of every project. Typical steps of a site planning process incorporating security issues are diagrammed in Figure 1-18. m Utilization and accommodation of mitigation methods for other hazards, including earthquakes, high winds, floods, fire, etc. m A buy-in from the property owner and also from neighbors affected by the protection strategy and methods. BACKGROUND 1-36 1.7 pRESCRIpTIVE CODES AND A pERFORmANCE-BASED DECISION- mAKING pROCESS T raditionally, the building regulatory system has been based on building codes that focused on health and safety, with a strong emphasis on fire safety as an objective. More recently, building regulations have addressed natural disasters that are threats to life sa fety (hurricanes, tornados, floods, earthquakes, and snow storms) through prescriptive design requirements, accepted analyses, physical tests, reference standards, and inspection requirements. Some man-made risks, such as HazMat storage, have also been addressed in this way. These prescriptive codes set minimum standards that are regarded by consensus as prudent and affordable, with the result that the building owner and designers are not faced with establishing the risk to their building. These minimum standards do not, however, guarantee com – plete safety or even a defined level of performance. Compliance with the code is assumed to provide a level of risk reduction deemed accept – able by consensus vote, although it may be quite inappropriate for the owner of a specific property. Currently prescriptive codes for building security protection and its necessary elements and devices do not exist. Although there are man – datory guidelines for the protection of certain governmental buildings, these prescribe objectives rather than specific requirements for building and site features. In the absence of prescriptive standards, re a – sonable and appropriate protection should be based on expected performance and cost related to the design basis threat, the building vulnerability, and the owner’s decision as to acceptable risk. Under this performance-based approach, the selection of the appropriate threat is fundamental to the design process and therefore requires very careful consideration. Once a design threat has been identified (ei – ther a terrorist act or a natural hazard), an initial determination of security and hazard mitigation measures should be based on broad classifications of assumed risks and ex – pected per formance. To assess the threat, the vulnerability of the assets, and the conse – quences of damage, a systematic quantitative risk assessment and management process are necessary. Such a process is outlined in Section 2.2 and is described in detail in FEMA 452: Risk Assessment: A How-To Guide to Mitigate Potential Terrorist Attacks Against Building s. Working with the owner, facility manager, and the occupants, The design basis threat (DBT) is the threat (tactics and weapons) against which assets within a building must be protected and upon which the security engineering design of the building is based. BACKGROUND 1-37 the protective design team can help to achieve a balance of security, aesthetics, and functionality that will combine to provide the desired level of protection within the available resources. Protective guidelines are intended to be applicable to a wide range of governmental and private building types. Depending on their geo – graphic location, they may also be faced with a wide range of natural hazards such as earthquakes, high wind events, landslides, and floods. Each facility will, in turn, have a unique set of programmatic objec – tives, site characteristics, threat profiles, risk tolerances, and bud getary limitations. Under these circumstances, it is impractical and certainly inefficient to present uniform security and hazard mitigation solution s for all buildings regardless of type, use, and location. Once the goals for performance and risk reduction have been estab – lished, and related functional and operational program requirements have been developed, they can be translated into design criteria. The delivery process for all facilities subject to protective design should have as its goal the identification and successful management of risk factors that can adversely affect facility performance. Investigations of performance failures, whether from an engineering standpoint or user expectations for a facility, have usually determined that failure is preventable. Many failures can be traced, at least in part, to poor com – munication between individuals or organizations involved in project delivery and missing or dysfunctional decision processes. This shortcoming is inherent in the traditional design and construction process, which is essentially linear through time and provides little op – portunity to revise initial assumptions, verify acceptability of changes made during subsequent steps, and benefit from the synergy of a fully integrated project delivery team. Although risk will always be present when there are security and natural hazard concerns, better systems can be designed to both reduce the overall level of risk and manage the residual risk more effectively. Figure 1-18 is a model of a performance-based design process that integrates security and natural hazard objectives and performance re – quirements, while allowing the input of existing and new technologies related to risk management principles. The consideration of cost is – sues enables design solutions appropriate to the individual project to be achieved. Some broad considerations for achieving the maximum risk reduction for the minimum amount of money are presented in Section 2.8. BACKGROUND 1-38 An increasing number of site security projects that embody the necessary kinds of integrated design team and process have now been realized, and some are illustrated in this publication. The security design for the New York Financial District area, shown in Chapter 6, Case Study 6, is an example of integrated security design for a very dense high-risk location. SOURCE: SOME PORTIONS OF THIS SECTION ARE BASED ON THE PAPER, “ A PERFORMANCE-BASED MULTI- OBJECTIvE DECISION FRAMEWORk FOR SECURITY AND NATURAL hAzARD MITIGATION ,” BY R. LITTLE, B. MEACHAM AND R. SMILOWITz, 2001, FROM HTTP://WWW .ER1.ORG/DOC S. Figure 1-18: A performance-based multi-hazard model. SOURCE: BASED ON: R.LITTLE, B.MEACHAM, R.SMILOWITz, “PERFORMANCE-BASED MULTI-OBJECTIVE DECISION FRAMEWORK FOR SECURITY AND NATURAL HAzARD MITIGATION.” BACKGROUND 1-39 1.8 CONCLUSION T his chapter has sketched some of the background against which fu – ture security site design will be implemented. Design of buildings and sites to withstand attack is a reflection of the worldwide insta – bilities in politics and culture that designers must learn to accommodat e. Events around the world in the last quarter of a century have created a new need for defensive design and have provided the experience and the lessons that can be applied today. Site and building mitigation measures add a new set of requirements to the long list of issues that the designer must deal with, and new source s of information are necessary. The FEMA Risk Management Series of pub – lications aims to provide some of this information, and this publication emphasizes the relationship between security and amenity: that in the ef – fort to make our buildings and cities more secure, we must be careful no t to lose sight of the need for convenience, functional effectiveness, and amenity in our surroundings. As part of the background information that the designer needs, the chapter presents a set of selected examples of attacks on buildings that have been significant in the development of our mitigation measures an d the procedures for their design and use. Because this is a new field o f de – sign, the customary set of codes and regulations that aim to ensure safety against other hazards do not yet exist, and the designers must use new procedures to establish criteria for appropriate mitigation measures wit h respect to security, amenity, and benefit-cost. DESIGN CONSIDERATIONS 2 2-1 DESIGN CONSIDERATIONS 2.1 INTRODUCTION A s noted in the previous chapter, in the absence of prescrip- tive regulations that address man-made hazards and terrorist threats, the designer needs to understand on what threat the de- sign must be based and what level of protection the owner desires. Threa t implies both a method and scale of attack and the likelihood of its occu r – rence. The level of protection is a function of the degree of risk that the owner will tolerate – the “acceptable risk.” In every design or renovation project, the owner has three basic choices (Figure 2-1). 1. Do nothing and accept the risk. 2. Perform a limited risk assessment and manage the risk by implementing reasonable mitigation measures. 3. Implement a detailed risk assessment leading to major construction and operational measures to reduce a high risk to an acceptable level. Figure 2-1: The risk management choices. SOURCE: FEMA 426 DESIGN CONSIDERATIONS 2-2 This publication focuses primarily on site design for assets at high risk from vehicle-laden bombs, because they have the capability of causing the maximum amount of damage and casualties. There are, however, design alternatives at this level, such as re-alignment of the approach to a bu ilding to slow down vehicles, or providing adequate stand-off distance between the bomb-laden vehicle and the building to reduce the explosive impact These measures do not protect against lesser threats such as bombs carried in backpacks, briefcases, or letters. Protection against these d e- pends on screening and inspection of pedestrians. CBR attacks involve a different set of mitigation measures that predominantly require mod- ifications to the building itself and its utility systems. The Buildin g Vulnerability Check List described in Section 2.2.4 covers CBR vulnera- bilities, and some measures that apply to site planning are discussed in Chapter 5, Section 5-11. In a dense urban situation, methods may include street closure to prevent vehicles from approaching target buildings, or using advanced surveillance equipment and operational methods, together with building hardening, to limit the damage caused by vehicle- laden bombs. The designers may employ a number of these methods to develop an integrated strategy that provides cost-effective security. However, careful consideration must be given to the impact of these secu- rity measures on the operation and function of the city. These measures must also respect and enhance the environmental quality of the site, sur – rounding neighborhood and greater community. This chapter focuses on three considerations that determine the design task: 1. The FEMA risk assessment process This involves a five-step process that may be undertaken informally by an experienced team for a smaller project or be implemented as a formal recorded systematic process by a multi-disciplinary team that may involve extensive engineering and blast analysis. The latter procedure is exemplified by the detailed FEMA Risk Assessment outlined in section 2.2. The basic model for establishing risk (which applies to natural hazards as well as physical attacks) consists of three factors that are related as follows: Risk = Threat Rating X Asset (Consequences) Value X Vulnerability Rating When the risk is established, consideration can then be given to alternative methods of mitigation. This model applies whether some consultants and the building owner are discussing security needs DESIGN CONSIDERATIONS 2-3 at the outset of a project, or a full scale FEMA type risk analysis is undertaken. It also provides the basis for the FEMA five-step risk assessment process described in Section 2.2., The risk assessment provides essential information for the site security design strategy development. 2. Explosive forces and stand-off Because this publication focuses on protection from bombs, the designers need to have a general understanding of the nature of explosive forces and the effects of blast on people and buildings. In particular, the rela- tionship between blast loading and distance is fundamental to the way in which site design can assist in reducing risk. 3. The costs of protection Because the protection of high-risk assets can be expensive, cost/ben- efit is an important element in developing an effective protection strategy. As the cost of a particular countermeasure (e.g., perimeter ve- hicle barriers) increases, the value of the measure decreases based on the relationship between performance and costs. Designers must be- come familiar with the performance of recommended measures and their cost considered over the building lifetime, with an initial cost g ov- erned by the owner’s resources. 2.1.1 ACCE pTA blE R ISk AND lEvElS O f pROTECTION The concept of acceptable risk is based on the recognition that it is an unrealistic goal to at- tempt to eliminate risk altogether: some damage from a terrorist attack must be anticipated, and the issue becomes that of de- termining how much and what kind of damage is “acceptable.” For example, total building col- lapse will be unacceptable, but broken windows that result in minimal injuries may be acceptable. The determination of “acceptable risk” is made by the building owner with the assistance of in-house security staff and/or security consul- tants, urban planners, designers and architects using risk management procedures and known building and site operations and city functions. Together, these professionals must evaluate and balance the economic and social tradeoffs be- tween increased occupant safety, decreased It may be difficult for some owners to determine “how much damage is acceptable” for the facility. Owners should realize that total protection is not possible for existing or even new facilities (short of designing a reinforced concrete bunker), and some acceptance of risk is unavoidable. Although this process may be difficult, owners should realize that it is a more thoughtful and conscientious way of designing perimeter security barriers than blindly following a prescriptive distance that may, or may not, be appropriate for the facility. The process also will ensure the most cost-beneficial solution for the site. In the unlikely event that cost is of no object to the owner, a systematic risk analysis is still essential to ensure that appropriate mitigation measures will be provided. DESIGN CONSIDERATIONS 2-4 damage, repair cost, downtime reduction, construction cost, and effectiv e function of the building and site. An approximate way of defining the acceptable risk is to use the “S ecurity Standards” or “Levels of Performance” issued by several government agen- cies to set minimum security standards for buildings constructed or leas ed by the agency or the General Services Administration (GSA). These stan- dards and recommendations are not required for non-federal buildings; however, building owners can evaluate and select those standards that meet their specific needs and criteria. The Interagency Security Committee (ISC) has issued the ISC Security Design Criteria for New Federal Office Buildings and Major Modificat ions , progressively updated since 2001. The application of the security de- sign criteria is based on a project-specific risk assessment, similar to that outlined in the following sections, that looks at Threat, Assets and Consequences, Vulnerability, and Risk. Figure 2-2 reproduces the descrip- tion of the three levels of protection used in the ISC. Note that each protection level gives a general description of expected damage that the building owner can use to help assess the acceptable risk. In addition, the ISC criteria provide more detailed performance Figure 2-2: Levels of protection from the ISC Criteria. SOURCE: FEDERAL OFFICE BUILDINGS AND MAJOR MODERNIZATION PROJECTS, INTERAGENCY SECURITY COMMITTEE, SEpTEMbER 29, 2004 PROTECTION LEVELS Your entire building structure or certain portions of the structure will be assigned a protection level according to the facility-specific risk assessment The following are definitions of damage to the structure an d exterior wall systems for each protection level. Minimum and Low Protection – Major damage. The facility or protected space will sustain a high level of damage without progressive collapse. Casualties will occur and assets will be damaged. building components, including structural members, will require replacement, or the building may be completely unrepairable, requiring demolition and replacement Medium Protection – Moderate damage, repairable. The facility or protected space will sustain a significant degree of damage, but the structure should be repairable. Some casualties may occur and assets may be damaged. building elements other than major structural members may require replacement. High Protection – Minor damage, repairable. The facility or protected space may globally sustain minor damage with some local significant damage possible. Occupants may incur some injury, and assets may receive minor damage. DESIGN CONSIDERATIONS 2-5 levels and damage state descriptions for a number of elements of the building. As an example, Figure 2-3, reproduced from the ISC Security Design Criteria, shows the protection levels and damage descriptions for glazing. The different levels of protection, for the building as a whole and its parts, will require different analysis techniques to verify that a d esign meets these various criteria. Glazing Protection Levels Based on Fragment Impact Locations Performance Conditions Protection Level Hazard Level Description of Window Glazing Response 1 Safe None Glazing does not break. No visible damage to glazing or frame. 2Very High None Glazing cracks but is retained by the frame. Dusting or very small fragments near sill or on floor acceptable. 3aHigh Very Low Glazing cracks. Fragments enter space and land on the floor no further than 1 m (3.3 ft.) from the window. 4High Low Glazing cracks. Fragments enter space and land on the floor no further than 3 m (10 ft.) from the window. 5Medium Medium Glazing cracks. Fragments enter space and land on the floor and impact a vertical witness panel at a distance of no more than 3 m (10 ft.) from the window at a height no greater than 0.6 m (2 ft.) above the floor. 6Low High Glazing cracks and window system fails catastrophically. Fragments enter space impacting a vertical witness panel at a distance of no more than 3 m (10 ft.) from the window at a height greater than 0.6 m (2 ft.) above the floor. Figure 2-3: Glazing levels of protection and damages states. SOURCE: FEDERAL OFFICE BUILDINGS AND MAJOR MODERNIZATION PROJECTS, INTERAGENCY SECURITY COMMITTEE, SEpTEMbER 29, 2004 2.2 THE fEMA RISk ASSESSMENT pROCESS FEMA Publication 452: Risk Assessment: A How-To Guide to Mitigate Potential Terrorist Attacks against Buildings provides a detailed process for the risk assessment of buildings and other critical structures. This sec – tion outlines the structure and concepts of the FEMA Risk Assessment approach in order to provide the reader unfamiliar with risk assessment an understanding of the FEMA process. The detail and thoroughness of the FEMA process is left to the building owner: the assessment process DESIGN CONSIDERATIONS 2-6 guides the establishment of a desired level of protection by the owner a nd the development of mitigation measures by the multi-disciplinary design team. The FEMA process is also very effective in providing a uniform as- sessment for a large inventory of assets, such as an industrial park or the central business district of a city. A risk involving an inventory of buildings begins with a Tier 1 assess- ment or a Rapid Visual Screening, described later, which will reduce the number of projects needing a more detailed assessment. The risk assess- ment can then proceed on successively more detailed levels, such that th e most detailed level need only be investigated on relatively few projects . These three levels, or tiers, of assessment are outlined in more detail in Section 2.2.1. The FEMA process consists of five steps; each step has a number of tasks (Figure 2-4). Figure 2-4: The FEMA five-step process. SOURCE: FEMA 452 2.2.1 TIERS Of THE RISk ASSESSMENT pROCESS The level of the assessment for a given building or an inventory of build- ings is dependent upon a number of factors, such as type of building, location, type of construction, number of occupants, economic life, othe r owner specific concerns, and available economic resources. FEMA 452 provides procedures for increasingly detailed tiers of assessments. The underlying purpose is to provide a variable scale to meet benefit/cost con- siderations for a given building that meets the intent and requirements of available anti-terrorism guidelines, such as the DoD Minimum Anti- Terrorism Standards and the DHS Interagency Security Criteria. A Tier 1 assessment is a screening process that identifies the primary vul- nerabilities and mitigation options and is a “70-percent” assessment. This may involve a site visit and architectural, engineering, security system s, and operations staff and consultants. DESIGN CONSIDERATIONS 2-7 A Tier 2 assessment is a full on-site evaluation that provides a robust eval- uation of system interdependencies, vulnerabilities, and mitigation options; it is a “90 percent” assessment solution. This may involve the following professionals: site and architectural; structural and building envelope; mechanical, electrical, and power systems; site utilities; in- formation technology (IT); telecommunications; security systems; and operations experts. A Tier 3 assessment is a detailed evaluation of the building using blast models to determine building response, survivability and recovery, and the development of mitigation options. This assessment typically involve s engineering and scientific experts and requires detailed design inform a- tion, including drawings and other building information. Modeling can often take several days or weeks and is typically performed for high-value and critical infrastructure assets deemed at very high risk. This type of as- sessment may include the following professionals: site and architectural; structural and building envelope; mechanical, electrical, power systems, and site utilities; IT and telecom modeler; security system and operatio ns; explosive blast modeler; CBR modeler; and cost engineer. The depth and completeness on the assessment depends on the number of professional experts and the number of days devoted to prepare the assessment. 2.2.2 THE fEMA RISk ASSESSMENT STEpS This section provides a summary of the five steps to show the structure and content of the assessment process. For each step the assessment re- sults in a numerical value, on a scale of 1-10, as described in Section 2.2.6, that expresses the result of the assessment as a numerical importance rating (see Tables 2-1 and 2-2 for the scales used for these ratings). Step 1. The threat is identified, defined and quantified. For terrorism, the threat is defined as any indication, circumstance, or event with the potential to cause loss of or damage to an asset. The threat can be qualified by the aggressors (people or groups) that are known to exist, and that have a known capability and history of using hostile actions, and includes the tactics and types of weapons that have been used. The outcome of the assessment is the definition of the design basic threat – the types and capabilities of weapons against which the building must be protected and the threat rating, which deals with the probability of the threat occurring and the consequences of its occurrence (Figure 2-5). DESIGN CONSIDERATIONS 2-8 Step 2. The assets (consequences) that need to be pro- tected are identified. (“Assets” refer to the building, people, equipment and contents, and also the conse- quences of their damage or loss.) Assets can be categorized by the degree of debilitation impact that would be caused by their incapacity or destruction. Critical assets include identifying the core functions and processes necessary for the building to continue to operate and provide services after an attack, including infrastructure and utilities (Figure 2-6). TASKS KEY QUESTIONS DESIGNERS MAY ASK m Identify the threats and collect information on them m Determine the design basic threat m Determine the threat rating m What groups or organizations are known? m Do they have a history of terrorist acts and what are their tactics? m What are the intentions of the aggressors against the government, commercial enterprises, industrial sectors, or individuals? m Has it been determined that targeting is actually occurring or being discussed? TASKS KEY QUESTIONS DESIGNERS MAY ASK m Identify critical assets (critical functions and infrastructure) m Identify the building core and functions and infrastructure (see section 2.2.2.1) m Determine the asset value rating m How critical is this asset? m What losses or damage may occur in case of a terrorist attack? Would the asset or building remain operational? m What are the potential losses of life? m What would be the social and economic impact of the attack? Figure 2-5: Threat identification and rating tasks and issues. Figure 2-6: Asset value assessment tasks and issues. DESIGN CONSIDERATIONS 2-9 Step 3. A vulnerability assessment evaluates the poten- tial vulnerability of the critical assets against a broad range of identified threats/hazards. Vulnerability is defined as any weakness that can be exploited by an aggressor to make an asset susceptible to damage or destruction. As part of the vulnerability assessment process the layers of defense are identified. The layers of defense are described in detail in Chapter 3 , Section 3.2. The layers of defense establish demarcation points for dif- ferent security strategies, and establish where the assets being identifi ed are located in relation to the property under the control of the owner. Typically, the first layer is outside the property line, the second layer is between the property line and the asset, and the third layer is the pro- tection of the asset itself. An important tool for defining vulnerability is the use of the Vulnerability Assessment Check List that is provided in FEMA 452; this is described in Section 2.2.4 in this publication. It consists of a list of questions and commentary that enables the assessors to develop a con- sistent and thorough picture of the asset’s vulnerability. In and of itself, the vulnerability assessment provides a basis for determining mitigation measures for protection of the critical assets. The vulnerability assess – ment is the bridge in the methodology between threat/hazard, asset value, and the resultant level of risk (Figure 2-7). TASKS KEY QUESTIONS DESIGNERS MAY ASK m Collect information about the site and building into a vulnerability portfolio that includes GIS maps and other pertinent information m Identify the layers of defense m Evaluate the site and building m Determining the vulnerability ratin m What are the major weaknesses identified that make the asset susceptible to an aggressor? m Does the building lack redundancies or physical protection? Has continuity of operation been established? m Is there an alternative site? m Are redundancies for critical services and operations in place? m When can the building be functional again? Figure 2-7: Vulnerability assessment tasks and issues. DESIGN CONSIDERATIONS 2-10 Step 4 . Risk assessment. In this step the values for the Threat, Asset, and Vulnerability are multiplied to arrive at the Risk. This step analyzes the threat (probability of occurrence) and asset value and vulnerabilities (consequences of occurrence) to ascertain the level of risk for each critical asset against each applicable threat. The risk assessment provides engineers and architects with relative risk profiles that define which assets are at the greatest ris k against specific threats, thus enabling appropriate protection methods to be selected for further analysis. Thus, a very high likelihood of occurrence with very small consequences may require minimal mitigation measures, but a very low probability of occurrence with very grave consequences, such as large loss of life, may require costly and complex mitigation measures (Figure 2-8). TASKS KEY QUESTIONS DESIGNERS MAY ASK m prepare risk assessment matrices (see Section 2.2.2.1) m Determine the risk ratings (Threat X Asset Value X Vulnerability) m beginning with highest risk ratings, prioritize observations identified as vulnerabilities to target potential mitigation measures m How are priorities determined for observations identified as vulnerabilities using the building Vulnerability Checklist/Database? Figure 2-8: Risk assessment tasks and issues Step 5. The consideration and selection of risk mitiga- tion options are directly associated with and responsive to the major risks identified in Step 4. In Step 5 deci- sions are made as to where and how to minimize the risks and how to accomplish these tasks during the de- sign and construction phase and, if appropriate, over the operational life of the building. In this process, general mitigation goals and objectives and the merits of each potential mitigation measure must be examined. The building owner has to make the final decision as to which mitigati on measures should be implemented based on the level of protection de- sired and the acceptable risk tolerated. However, engineers, architects, landscape architects, and other technical advisers and staff should be i n – volved in this process to ensure that the results of the risk assessment are met with sound mitigation measures that will increase the capability of the building to perform to its selected performance level (Figure 2-9). DESIGN CONSIDERATIONS 2-11 Figure 2-9: Mitigation options tasks and issues. 2.2.3 bUIlDING CORE fUNCTIONS AND INfRASTRUCTURE A key element for the preparation of a risk assessment is the identifi cation of the core functions and infrastructure of the asset. The core function s establish what a building does, how it does it, and how various threats can affect the building operations. The core infrastructure consists of thos e characteristics of the building that support its functions and that are crit- ical to its continued operation. The functions and infrastructure analyses identify the geographic distri – bution within the building and interdependencies between critical assets . For example, a bomb or CBR attack entering through the loading dock could impact the telecommunications, data, uninterruptible power supply (UPS), generator, and other key infrastructure systems. The reason for identifying core functions and processes is to focus the as- sessment team on the building functions, how they are accomplished, and how various threats can impact the building. After the core functions an d processes are identified, an evaluation of building infrastructure should follow. Figure 2-10 depicts the core functions and infrastructure. New func- tions can be added depending on the type and functions of a particular building. Building infrastructure is composed of fixed elements that are categorized in the next section of this chapter. TASKS KEY QUESTIONS DESIGNERS MAY ASK m Identify preliminary mitigation options m Review mitigation options for interaction and appropriateness in each layer of defense m Estimate cost of mitigation options m Select mitigation options to implement and timetable for each m What mitigation options will reduce risk the most, especially for highest risks identified in risk matrices? m Which options should be taken to detect, deter, or deny an attack in regard to available layers of defense? m What regulatory criteria impact these options? m What options have the greatest benefit (risk reduction or achievement of protection level) for cost? m How do site and layout design protection and control measures balance against building hardening measures? DESIGN CONSIDERATIONS 2-12 2.2.4 bUIlDING vU lNERA bIl IT y C HEC klIST The Building Vulnerability Checklist, presented in full in FEMA 452, is in- tended to guide the preparation of the risk assessment. It is a screenin g tool for a preliminary design vulnerability assessment. The Checklist is or – ganized into 13 sections: 1) site, 2) architectural, 3 ) structural systems, 4) building envelope, 5) utility systems, 6) mechanical systems, 7) plum bing and gas systems, 8) electrical systems, 9) fire alarm systems, 10) communi- cations and IT systems, 11) equipment operations and maintenance, 12) security systems, and 13) security master plan. To conduct a vulnerability assessment of a building or preliminary design, each section of the Checklist should be assigned to an engineer, architect, or subject matter expert who is knowledgeable and qualified to per – form an assessment of the assigned area. Each assessor should consider the questions and guidance provided to help identify vulnerabilities and document results in the observations column. For an existing building, vulnerabilities can also be documented with photographs, if possible. Th e vulnerabilities of the facility are selected from the observations provided for each vulnerability question. These vulnerabilities are then prioritized to determine the most effective mitigation measures. Prioritization is based on the greatest vulnerabilities that can be exploited by the aggressors and the largest risks in terms o f loss of lives, building damage, and loss of operation. Core Functions Building Infrastructure Administration Site Engineering Architectural Warehouseing Structural Systems Data Center Envelope Systems Food Service Utility Systems Security Mechanical Systems Housekeeping plumbing and Gas Systems Day Care Electrical Systems Fire Alarm Systems IT/Comminications Systems Figure 2-10: Core functions and building infrastructure charts. SOURCE: FEMA 452 DESIGN CONSIDERATIONS 2-13 2.2.5 ElECTRONIC DATAbASE fOR RISk ASSESSMENT AND RISk MANAGEMENT To facilitate the management of the large amount of information that comprises a thorough FEMA Risk Assessment process and use of the Building Vulnerability Assessment Checklist, FEMA has developed a soft- ware database with a graphical user interface to assist users in inputting data and producing reports presented in Microsoft Word © or Excel © doc- uments. Security features protect data and provide search capabilities t o find stored information. The Risk Assessment Database is a stand-alone application that is both a data collection tool and a data management tool. Assessors can use the tool to assist in the systematic collection, storage, and reporting of a ssess- ment data. It has functions, folders, and displays to import and display threat matrices, digital photos, cost data, site plans, floor plans, e mer – gency plans, and certain GIS products as part of the record of assessmen t. Managers can use the application to store, search, and analyze data col- lected from multiple assessments, and then print a variety of reports. The Risk Assessment Database is continually evolving and is currently in its third version, with fourth and fifth versions already under develo p- ment. The fourth version will add natural hazards vulnerability assessme nt checklist questions for earthquake (seismic), flood, and wind, follo wing the same format as the original checklists – questions, guidance, and ref- erences for additional information, with color coding within the origina l Construction Specification Institute format. The fifth version will add another type of assessment to the database called Rapid Visual Screening (RVS), which will follow the process in the soon-to-be-published FEMA 455, Handbook for Rapid Visual Screening to Evaluate the Vulnerability of Buildings to Potential Terrorist Attacks. The pri- mary purpose of the RVS procedure is to prioritize the relative risk among standard commercial buildings in a portfolio, community, or region (urban and semi-urban areas), but it can also be used to develop build ing- specific vulnerability information. It can be performed using limited information from outside the building exterior, because interior inspec- tions or interviews with key stakeholders are not always possible. Contrast this with a Tier 1 assessment in which the screening is performed with full access to the building and participation of key building occupants. 2.2.6 RANkING For determining the threat rating, FEMA 452 provides a methodology based on the consensus opinion of the building stakeholders, threat spe- cialists, and engineers. Table 2-1 illustrates the 10-point numerical scales DESIGN CONSIDERATIONS 2-14 (10 being the highest) that are used in this process. The key elements of these scales are the following: m For Threat Rating: Likelihood of a threat (credible, verified, exists, unlikely, unknown), if the use of the weapon is considered imminent, expected, or probable m For Asset (Consequences) Value: Loss of assets and/or people would have grave, serious, moderate, or negligible consequences or impact; economic impact due to the loss of functions m For Vulnerability Rating: Number of weaknesses, aggressor potential accessibility, level of redundancies/physical protection, time frame for the building to become operational again Table 2-1: Scale for Threat Value Rating, Threat Rating Very High 10 Very High – The likelihood of a threat, weapon, and tactic being used against the site or building is imminent. Internal decision-makers and/or external law enforcement and intelligence agencies determine the threat is credible. High 8-9 High – The likelihood of a threat, weapon, and tactic being used against the site or building is expected. Internal decision-makers and/or external law enforcement and intelligence agencies determine the threat is credible. Medium High 7 Medium High – The likelihood of a threat, weapon, and tactic being used against the site or building is probable. Internal decision-makers and/or external law enforcement and intelligence agencies determine the threat is credible. Medium 5-6 Medium – The likelihood of a threat, weapon, and tactic being used against the site or building is possible. Internal decision-makers and/or external law enforcement and intelligence agencies determine the threat is known, but is not verified. Medium Low 4 Medium Low – The likelihood of a threat, weapon, and tactic being used in the region is probable. Internal decision- makers and/or external law enforcement and intelligence agencies determine the threat is known, but is not likely. Low 2-3 Low – The likelihood of a threat, weapon, and tactic being used in the region is possible. Internal decision-makers and/or external law enforcement and intelligence agencies determine the threat exists, but is not likely. Very Low 1 Very Low – The likelihood of a threat, weapon, and tactic being used in the region or against the site or building is very negligible. Internal decision-makers and/or external law enforcement and intelligence agencies determine the threat is non-existent or extremely unlikely. SOURCE: FEMA 452 DESIGN CONSIDERATIONS 2-15 Table 2-2: Scale for Asset Value Rating Asset (Consequences) Value Very High 10 Very High – Loss or damage of the building’s assets would have exceptionally grave consequences, such as extensive loss of life, widespread severe injuries, or total loss of primary services, core processes, and functions. High 8-9 High – Loss or damage of the building’s assets would have grave consequences, such as loss of life, severe injuries, loss of primary services, or major loss of core processes and functions for an extended period of time. Medium High 7 Medium High – Loss or damage of the building’s assets would have serious consequences, such as serious injuries or impairment of core processes and functions for an extended period of time. Medium 5-6 Medium – Loss or damage of the building’s assets would have moderate to serious consequences, such as injuries or impairment of core functions and processes. Medium Low 4 Medium Low – Loss or damage of the building’s assets would have moderate consequences, such as minor injuries or minor impairment of core functions and processes. Low 2-3 Low – Loss or damage of the building’s assets would have minor consequences or impact, such as a slight impact on core functions and processes for a short period of time. Very Low 1 Very Low – Loss or damage of the building’s assets would have negligible consequences or impact. SOURCE: FEMA 452 Table 2-3: Scale for Vulnerability Rating Vulnerability Rating Very High 10 Very High – One or more major weaknesses have been identified that make the asset extremely susceptible to an aggressor or hazard. The building lacks redundancies/ physical protection and the entire building would be only functional again after a very long period of time after the attack. High 8-9 High – One or more major weaknesses have been identified that make the asset highly susceptible to an aggressor or hazard. The building has poor redundancies/physical protection and most parts of the building would be only functional again after a long period of time after the attack. DESIGN CONSIDERATIONS 2-16 Vulnerability Rating Medium High 7 Medium High – An important weakness has been identified that makes the asset very susceptible to an aggressor or hazard. The building has inadequate redundancies/ physical protection and most critical functions would be only operational again after a long period of time after the attack. Medium 5-6 Medium – A weakness has been identified that makes the asset fairly susceptible to an aggressor or hazard. The building has insufficient redundancies/physical protection and most part of the building would be only functional again after a considerable period of time after the attack. Medium Low 4 Medium Low – A weakness has been identified that makes the asset somewhat susceptible to an aggressor or hazard. The building has incorporated a fair level of redundancies/ physical protection and most critical functions would be only operational again after a considerable period of time after the attack. Low 2-3 Low – A minor weakness has been identified that slightly increases the susceptibility of the asset to an aggressor or hazard. The building has incorporated a good level of redundancies/physical protection and the building would be operational within a short period of time after an attack. Very Low 1 Very Low – No weaknesses exist. The building has incorporated excellent redundancies/physical protection and the building would be operational immediately after an attack. SOURCE: FEMA 452 2.2.7 pREp ARING THE RISk ASSESSMENT To prepare the assessment, a number of matrices need to be completed, manually or through use of the database software. Multiplying values as- signed for threat rating, asset (consequences) value, and vulnerabilit y rating factors provides quantification of total risk. The total risk f or each function or system against each threat is assigned a color code (Table 2-4). This table is an example of a completed matrix. Table 2-4: Function and Site Infrastructure Pre-Assessment Screening Matr ix Total Risk Color Code Low RiskMedium Risk High Risk Risk Factors Total 1-60 61-175 ≥ 176 Table 2-3: Scale for Vulnerability Rating (continued) DESIGN CONSIDERATIONS 2-17 Table 2-4: Function and Site Infrastructure Pre-Assessment Screening Matr ix (continued) Function Cyber AttackArmed Attack (single gunman) Vehicle Bomb CBR Attack Administration 280 140135 90 Asset Value 555 5 Threat Rating 843 2 Vulnerability Rating 779 9 Engineering 128128192 144 Asset Value 888 8 Threat Rating 843 2 Vulnerability Rating 248 9 Warehousing 963681 54 Asset Value 333 3 Threat Rating 843 2 Vulnerability Rating 439 9 Data Center 360128216 144 Asset Value 888 8 Threat Rating 943 2 Vulnerability Rating 549 9 Food Service 232 48 36 Asset Value 222 2 Threat Rating 143 2 Vulnerability Rating 148 9 Security 280140168 126 Asset Value 777 7 Threat Rating 843 2 Vulnerability Rating 558 9 Housekeeping 166448 36 Asset Value 222 2 Threat Rating 843 2 Vulnerability Rating 188 9 Day Care 54324 243 162 Asset Value 999 9 Threat Rating 343 2 Vulnerability Rating 299 9 DESIGN CONSIDERATIONS 2-18 Table 2-4: Function and Site Infrastructure Pre-Assessment Screening Matr ix (continued) Function Cyber AttackArmed Attack (single gunman) Vehicle Bomb CBR Attack Site 48 80108 72 Asset Value 4444 Threat Rating 4432 Vulnerability Rating 3599 Architectural 4040135 20 Asset Value 5555 Threat Rating 8432 Vulnerability Rating 1292 Structural Systems 2432240 16 Asset Value 8888 Threat Rating 3432 Vulnerability Rating 1110 1 Envelope Systems 84112 189112 Asset Value 7777 Threat Rating 6432 Vulnerability Rating 2498 Utility Systems 112 56168 42 Asset Value 7777 Threat Rating 8432 Vulnerability Rating 2283 Mechanical Systems 4256105 126 Asset Value 7777 Threat Rating 6432 Vulnerability Rating 1259 Plumbing and Gas Systems 4040120 70 Asset Value 555 5 Threat Rating 8432 Vulnerability Rating 1287 Electrical Systems 4284189 28 Asset Value 7777 Threat Rating 8432 Vulnerability Rating 1392 Fire Alarm Systems 162108216 36 Asset Value 9999 Threat Rating 6432 Vulnerability Rating 3382 IT/Communications Systems 512 64192 32 Asset Value 8888 Threat Rating 8432 Vulnerability Rating 8282 SOURCE: FEMA 426 DESIGN CONSIDERATIONS 2-19 The Risk Assessment procedure and the use of the matrix above provide a numerical ranking of risk that has been developed on a systematic basi s. Note at the top of the matrix there is a “box score” for the low, medium, and high risk core and infrastructure functions. This provides a useful summary picture of the status of the facility, but the real value of the risk assessment process lies in the detail of the threat, asset and vulnerabi lity assessments that provide the basis for the final selection of mitigati on mea- sures. Inspection and analysis of the results of the assessment are valuable in discerning patterns of vulnerability or asset value, for example, and es – tablishing the relative importance of site, building, or other character istics. The ranking value provides a useful basis for prioritization when developing mitigation measures for an individual building or for prioritizing betwe en a group of buildings. It is not intended that the ranking scoring system on its own be used for establishing absolute thresholds of mitigation. 2.3 EXplOSI vE fORCES AND STAND-O ff I t is useful for designers involved in security design to have a general understanding of the nature of explosive forces and the effects of blast on people and buildings. This chapter presents a very brief dis- cussion of explosives and blast. Fuller explanations will be found in FE MA 426 and FEMA 452. FEMA 427 provides further information on explosive weapons and specifically addresses their effects on four high-populati on, private-sector building types: commercial offices, retail, and multi-family residential, and light industrial. FEMA 453 provides useful information on explosive threat parameters. An explosion is an extremely rapid release of energy in the form of ligh t, heat, sound, and a shock wave. Explosive pressures encountered in de – sign are typically much greater than other loads that are considered, bu t they decay extremely rapidly with time and space. As a rule of thumb, the pressures generated by the shock wave increase linearly with the size of the weapon, usually measured in equivalent pounds of TNT, and decrease exponentially with the distance from the explosion. The dura- tion of the explosion is extremely short, measured in thousandths of a second, or milliseconds. As the shock wave expands, the incident or overpressure decreases. When it encounters a surface that is in line-of-sight of the explosion, the wave is reflected, resulting in a tremendous amplification of pressure on th e sur – face of the object: shock waves can reflect with an amplification factor of up to about 12. The magnitude of the reflection factor is a function o f the proximity of the explosion and the angle of incidence of the shock wave on DESIGN CONSIDERATIONS 2-20 the surface (with incidence normal to the targets resulting in the maximum pressure). Late in the explosive event, the shock wave becomes negative , followed by a partial vacuum, which creates suction behind the shock wave that can cause windows to fall outwards. For a specific type and weigh t of explosive material, the intensity of blast loading will depend on the distance and orientation of the blast wave relative to the protected space. These characteristics are aspects of the site size and placement of the buildi ng(s). Figure 2-11 shows the time-history of the blast in milliseconds. Immediately following the vacuum, air rushes in, creating a powerful wind or drag pressure on all surfaces of the building. This wind picks up and carries flying debris in the vicinity of the detonation. In an externa l ex- plosion, a portion of the energy is also imparted to the ground, creatin g a crater and generating a ground shock wave analogous to a high-intensity short-duration earthquake. 2.3.1 pREDICTING blAST EffECTS Determination of blast loading is a specialized activity, and a blast con- sultant must be included as a member of the design team. He or she will have formal training in structural dynamics and demonstrated experience with acceptable design practices for blast-resistant design. The figures and tables in this section are also useful in providing non-specialist designers with an understanding of the relationships between blast loads, stand-of f distance, and building damage (stand-off or setback is the distance be- Figure 2.11: Air-blast time his- tory (in milliseconds). The positive pressure greatly exceeds the negative pressure. SOURCE: bASED ON FIGURE 3.2 IN FUNDAMENTALS OF PROTECTIVE DESIGN FOR CONVENTIONAL WEAPONS, TECHNICAL MANUAL TM5-855-1, HEADQUARTERS, DEp ARTMENT OF THE ARMY, WASHINGTON D.C., 3 NOVEMbER 1986 DESIGN CONSIDERATIONS 2-21 tween the explosive threat location and the nearest building element tha t requires protection). The first step in predicting blast effects on a building is to predict blast loads on the structure. Because the damaging pressure pulse varies with stand-off distance, angle of incidence and reflected pressure ove r the building exterior, the blast load prediction should be performed at multiple threat locations; however, worst-case conditions are normally used for decision making. For complex structures requiring refined estimates of blast loading, blast consultants may use sophisticated methods such as computational fluid dynamics (CFD) computer pro- grams to predict blast loads. In essence, the blast consultant simulates an explosion based on the ava il- able or projected stand-off to determine the effect on the building. Thi s provides information on the value a perimeter security system may have in protecting the available stand-off. Alternative stand-offs (includin g none) may also be simulated to compare the results to the required per- formance levels, so that tradeoffs between varying stand-off distances and levels of building envelope and structural hardening may be evaluated to obtain optimal costs. 2.4 THE IM pORTANCE O f STAND-O ff DISTANCE T he stand-off distance is the single most important factor in de- termining the extent of damage for a given-size weapon. This is because, as noted above, the blast loading decays rapidly with the distance. In general, if the distance is doubled, the blast loading is r e- duced by a factor of 3 to 8, based upon the distance to the building and the TNT equivalent weight, with the smaller reduction applicable to smaller distances. Figures 2-12 and 2-13 and Table 2-3 illustrate the influence of stand-off on building damage and casualties. These graphics provide only a broad indication of the effects, which will vary considerably depending on the type of construction, age and quality of the building, its location, and its configuration. Figure 2-12 represents the level of protection offered by conventional c on – struction at a given stand-off. The green bars in the figure indicate that no significant protection from blast effects is readily attainable at the se dis- tances in a conventional building, without structural hardening for the bomb sizes indicated. DESIGN CONSIDERATIONS 2-22 The blue bar indicates a low level of protection. At these distances, a con – ventionally constructed building will typically sustain moderate to heav y damage. Occupants in exposed structures may suffer temporary hearing loss and injury from the force of the blast wave and building debris frag- mentation. Other building elements and contents may suffer damage from these effects. The pale blue bar indicates a medium level of protection. At these dis- tances, conventionally constructed buildings will generally sustain light to moderate damage. Occupants of exposed structures may suffer minor in- juries from secondary effects such as building debris. The violet bar indicates a high level of protection. At these distances, con- ventionally constructed buildings will generally sustain minor damage. Flying debris may also cause superficial injuries and minor damage to building elements and contents. Note that for a 500-lb. bomb (carried in a car or light truck), a low level of protection begins only at a 200-foot stand-off. For a 50-lb. bomb (suitcase or suicide bomber), a low level of protection begins at about 80 feet. The thresholds of different types of injuries associated with damage to wall fragments and/or glazing are depicted in Figure 2-13. This range- to-effects chart shows a generic interaction between the weight of the explosive threat and its distance to an occupied building. These generic charts, for conventional construction, provide information to law en- forcement and public safety officials that allow them to establish safe evacuation distances should an explosive device be suspected or detected . However, these distances are so site and building specific that the generic Figure 2-12: Level of protection versus explosive size and stand-off. SOURCE: AppLIED RESEARCH ASSOCIATES, INC DESIGN CONSIDERATIONS 2-23 charts provide little more than general guidance in the absence of more reliable site-specific information. Based on the information in the chart, the onset of significant glass debris hazards is associated with stand-off distances on the order of hu n- dreds of feet from a vehicle-borne explosive detonation while the onset of column failures is associated with stand-off distances on the order of tens of feet. Note also from inspection of the graphic figure (Figure 2-12), the threshold of potentially lethal injuries from a 50-lb. bomb is about 80 feet, considerably more than the stand-off available in typical urban settings . Figure 2-13: Explosive environments: stand-off versus injuries and damage. SOURCE: FEMA 453 DESIGN CONSIDERATIONS 2-24 The performance graphically illustrated in Figure 2-13 can also be ex – pressed as a range of stand-off distances in relation to increasing injuries and damage. Table 2-3 is derived from Figure 2-13 and shows injuries related to stand-off for a 500-lb. bomb carried by a car or light van co m- pared to those of a 5,000-lb. bomb carried by a heavier truck. Again, as in the previous figures, the values are generic: the intent is only to illustrate the general benefit of increasing stand-off; they should not be used a s de- sign tools. Table 2-5: Injury or Damage Related to Stand-off Injury and/or Damage Stand-off (feet) 500-lb. Bomb 5,000-lb. Bomb Threshold of failure, concrete columns 3060 potentially lethal injuries 150350 Injuries from wall fragments or to people in open 150-250350-500 Severe glass wounds (glass with applied film) 250650 Severe glass wounds (unprotected glass) 5001,000+ Minor cuts 8001,000+ Figure 2-14 shows a blast analysis for the Khobar Towers incident of 1996. The 20,000-lb. bomb was exploded 80 feet from the closest building. Studies show that increasing the stand-off distance from 80 to 400 feet would have significantly limited the damage to the building and reduce d casualties to the occupants (See Chapter 1, Section 1.5.2.8, for furthe r in- formation on this attack) . The 20,000-lb. bomb was exploded in front of the building to the bottom left. Nineteen persons were killed. The Khobar buildings were con- structed to prevent progressive collapse and were successful: the heavy casualties were caused by loss of the façade and glass damage. By con trast, the Murrah Building in Oklahoma City (see Section 1.5.2.6) was attacke d by a truck-carried 4,000-lb. bomb that exploded 15-20 feet from the building, causing progressive collapse of much of the structure and most of the 168 deaths. The critical location of a weapon is a function of the site, the buildin g layout, and the security measures in place. For vehicle bombs, the crit- ical locations are considered to be at the closest point that a vehicle can approach on each side, assuming that all security measures are in place. Typically, this is a vehicle parked along the curb directly opposite the building, or at the entry control point where inspection takes place. A curb is not a barrier to a terrorist vehicle with explosives. The Depart ment DESIGN CONSIDERATIONS 2-25 of State view is that if there is no effective anti-ram barrier, there is no setback. Achieving anti-ram setback is a most effective blast mitigation measure. For design and estimating purposes, stand-off is measured from the center of gravity of the charge located in the vehicle or other container to the building component under consideration (usually the building façade). Figure 2-14: Stand-off distance related to blast impact as modeled on the Khobar Towers. SOURCE: INSTALLATION FORCE pROTECTION GUIDE, USAF DESIGN CONSIDERATIONS 2-26 It can be seen from the information above that even at stand-off dis – tances of several hundred feet, a large weapon can inflict severe inju ries, primarily through glass breakage. Building collapse can be prevented at much lower stand-offs, but in an urban situation, a curbside car or truck bomb presents a real threat of collapse to a conventional structur e. Hence, every foot available to increase the stand-off is valuable. Determination of minimum distances is specific for each building and is based on: m Prediction of the explosive weight of the weapon m Required level of protection: this may be specified in the case of a federal or other government building, but for a privately owned building, it is a determination of the “acceptable risk” made duri ng the risk assessment process. m Evaluation of the type of building construction, whether existing or new, including the building structure and nature of building envelope. m Constraints or opportunities provided by the site. If generous stand-off can be provided for an existing building, an evalu a- tion of the building structure, façade, and the occupants at the perimeter may enable the elimination of protective solutions such as (in order of cost and effectiveness) installing blast-resistant glass and framing, a ddi- tional reinforcing for some building supports (columns and walls) at the lower floors, and specific structural measures against progressive c ollapse. On the other hand, the relatively low cost of hardening the loading dock , other delivery areas, and the building lobby may be a good investment. 2.5 COST Of pROTECTION C ost is a very demanding aspect of every design and construction project, and it particularly important when managing risk. As the cost of a particular protective measure (e.g., perimeter vehicle barriers) increases, the value of the measure decreases, based on the r e- lationship between performance and cost. Achieving the maximum risk reduction for the minimum amount of money is one of the basic princi- ples of risk management. Life-cycle costing, economic analysis, and value engineering can be used to the extent that they suit the owner’s economic goals. Clearly an agency or institution that expects to own a building for its entire useful life is well advised to budget on a life-cycle, and many government agencies now re- quire that this be done. Private developers may have other aims, but the DESIGN CONSIDERATIONS 2-27 ultimate building owners and operators will all benefit from a buildin g in which life-cycle costs have been considered. Three cost considerations specifically related to security measures need to be examined at the outset of project cost planning: m Identification of elements that may not require additional cost if they are incorporated from the beginning of the design process and integrated with other requirements. These are items such as when the cost of construction can be substantially reduced by taking advantage of existing landscape or other elements that can perform as perimeter vehicle barriers and that fall within the acceptable range of distances. However, it is important to note that this approach is only acceptable after a detailed analysis by structural engineers to determine the landscape elements’ ability to defend against the design threat vehicle. However, many barriers that have shown excellent simulated performance have failed crash tests, and validation testing for designs that do not have comparable test data available for correlation may be advisable. Owners must evaluate how much risk they are willing to accept by using existing unrated systems. m Identification of elements that clearly represent additional cost for construction and installation, compared to a typical project, due to additional structural needs such as specially reinforced bollards, hardened street furniture, or reinforced entry gates. m Identification of elements that may be installed in an incremental manner to minimize initial cost until final security needs are determined. For private-sector projects that will be leased, the occupants and their security requirements may not be finalized until after construction is complete. Provision of pits for active or passive barriers, conduit for security systems, and the preliminary negotiation of approvals for perimeter security enable these elements easily to be added later, when and if tenants require them. The developer will carry a portion of the initial cost for construction, while the tenants will be responsible for the remaining costs as part of their leases. The cost/performance of the perimeter barrier must be evaluated in rela – tion to the entire protection system, both for the site and the building. (The major cost evaluation in protection is that between the impacts of stand -off distance and building component costs). Thus cost reduction achieved by decreasing stand-off and perimeter length must be evaluated against the com – parative increased cost of other solutions, such as hardening the buildi ng, providing more guards, increasing camera surveillance, relocating the facility, or relocating key building occupants to interior locations. These evaluations must be conducted with respect to achieving an acceptable level of risk. DESIGN CONSIDERATIONS 2-28 Figure 2-15 shows how stand-off affects various structural and nonstructural components of a facility. The figure generally illustrates, at no specific scale, the general trends and relationships between sta nd- off and cost of protection to implement a typical set of federal agency criteria, such as the ISC Security Criteria. A number of components of incremental security are shown, including structural and nonstructural components contributors. The relative magnitude and scale of these rela- tionships will vary from project to project. As can be seen, the cost associated with hardening the mailroom, loading dock, and lobby is usually small compared to the total project cost, and does not vary with available stand-off to a vehicle-delivered bomb. The cost associated with progressive collapse consideration is also constant with stand-off, since it is normally treated as threat-independent. Ther e is a point at smaller stand-offs where the structural design is further im- pacted by the blast loading on the frame, resulting in larger framing members and additional cost. This issue occurs in close-in regions, part ic- ularly within about 50 feet. As the stand-off gets very small (as in a central business district alley) costs increase exponentially, and reasonable strat- Figure 2-15: Impact of stand- off distance on component costs. SOURCE: L. bRYANT, J. SMITH, AppLIED RESEARCH ASSOCIATES, INC. DESIGN CONSIDERATIONS 2-29 egies are to accept the risk, or to increase stand-off by street closure , together with active barriers and screening, if vehicular services to the building must be maintained, as discussed in Chapter 6. The requirements for walls and windows are a function of stand-off, as i n- dicated for larger stand-off. However, most federal criteria place limits on the maximum levels for which various components must be designed. The limits placed on the design blast pressure and impulse for the me- dium and higher levels of protection cap the cost at a particular stand- off (limit), such that the cost for walls and windows does not increase wi thin this limit. It must be noted that this limitation in blast resistance increases the inherent risk accepted with decreasing stand-off. The sum of costs of hardening for the various components result in the “cost-of-hardening” curve indicated on Figure 2-15. This function has a plateau between about 50 feet stand-ff distance and the limit value for the relevant level of protection. At stand-off less than 50 feet, costs will in- crease very rapidly due to increased structural framing requirements to achieve acceptable risk. At larger stand-off values, costs decrease to a pla- teau where conventional design requirements may govern. The cost components that may increase with increasing stand-off are those for land (site area) and perimeter protection. As noted above, the provision of increased stand-off results in increases in the distance to the defended perimeter, the area of the site, and the length of the perimeter that must be protected. Evaluation of the additional costs of hardening versus the costs of land and perimeter protection results in a general f unc- tion of “Total Protection Cost.” At stand-off values within the “limit,” the risk continues to increase with decreasing stand-off. Figure 2-15 illustrates the general characteristics of the cost and risk functions. Actual relative magnitudes and significance of individual c ost components will vary for each case considered; i.e., these relationships will be different for each building and site considered. Also, the fig ures shown represent trends for more modern “conventional construction” and do not necessarily apply to existing construction. Although the gen- eral trends may be the same, the optimum stand-off distances will vary substantially based upon the myriad types and qualities of construction techniques that have been used for an existing building. Although it is difficult to assign costs to different upgrade measures be- cause they vary, based on the site-specific design, some generalizations can be made. A general spectrum of site mitigation measures ranging from least to greatest protection, cost, and effort is provided in Figure 2-1 6. The intent of this figure is to give a broad sense of the potential correl ation be- tween protection, cost, and effort. DESIGN CONSIDERATIONS 2-30 Figure 2-16: Mitigation options for site and layout design arranged in approximate order (top to bottom) of least to greatest protection, cost, and effort. SOURCE: FEMA 426 Less Protection Less Cost Less Effort Greater Protection Greater Cost Greater Effort m Place trash receptacles as far away from the building as possible. m Remove any dense vegetation that may screen covert activity. m Use thorn-bearing plant materials to create natural barriers. m Identify all critical resources in the area (fire and police stations , hospitals, etc.). m Identify all potentially hazardous facilities in the area (nuclear plan ts, chemical labs, etc.). m Use temporary passive barriers to eliminate straight-line vehicular access to high-r isk buildings. m Use vehicles as temporary physical barriers during elevated threat conditions. m Make proper use of signs for traffic control, building entry control, etc. Minimize signs identifying high-risk areas. m Identify, secure, and control access to all utility services to the building. m Limit and control access to all crawl spaces, utility tunnels, and other means of under building access to prevent the planting of explosives. m Utilize Geographic Information Systems (GIS) to assess adjacent land use. m Provide open space inside the fence along the perimeter. m Locate fuel storage tanks at least 100 feet from all buildings. m Block sight lines through building orientation, landscaping, screening, and landforms. m Use temporary and procedural measures to restrict parking and increase stand-off. m Locate and consolidate high-risk land uses in the interior of the site. m Select and design barriers based on threat levels. m Maintain as much stand-off distance as possible from potential vehicle bombs. m Separate redundant utility systems. m Conduct periodic water testing to detect waterborne contaminants. m Enclose the perimeter of the site. Create a single controlled entrance for vehicles (entry control point). m Establish law enforcement or security force presence. m Install quick connects for portable utility backup systems. m Install security lighting. m Install closed circuit television cameras. m Mount all equipment to resist forces in any direction. m Include security and protection measures in the calculation of land area requirements. m Design and construct parking to provide adequate stand-off for vehicle b ombs. m Position buildings to permit occupants and security personnel to monitor the site. m Do not site the building adjacent to potential threats or hazards. m Locate critical building components away from the main entrance, vehicle circulation, parking, or maintenance area. Harden as appropriate. m Provide a site-wide public address system and emergency call boxes at readily identified locations. m Prohibit parking beneath or within a building. m Design and construct access points at an angle to oncoming streets. m Designate entry points for commercial and delivery vehicles away from high-risk areas. m In urban areas, push the perimeter out to the edge of the sidewalk by me ans of bollards, planters, and other obstacles. For better stand-off, push the line farther outward by restricting or eliminating parking along the curb, eliminating loading zones, or through street closings. m Provide intrusion detection sensors for all utility services to the building. m Provide redundant utility systems to support security, life safety, and rescue functions. m Conceal and/or harden incoming utility systems. m Install active vehicle crash barriers. DESIGN CONSIDERATIONS 2-31 Cost control is an area where the limited experience of security design and implementation presents a current problem. Comprehensive cost data is hard to obtain due to the relatively recent status of security d e- sign. Relatively little work has been published on the analysis of the comparative costs of alternative solutions, such as land costs for stand – off versus hardened structures, or the cost of physical solutions versus security operations. Non design options such as the comparative risks (and cost to mitigate) of different locations and tenant mixes, and the amount of increased rent that tenants are willing to pay for increased security improvement, must be subject to analysis and evaluation to en- able a comprehensive risk management plan to be developed. Cost management should be based on local cost information procured before the design process for budgeting purposes and during the design process for cost management purposes. Construction costs fluctuate and rapidly become out of date. Published indices attempt to ameliorate this problem, but they tend to be very broad in scope and are not very useful in application to a specific project. The state of the local market at the time of bidding and construction often has a major effect on cost. 1 2.6 CONClUSION T his chapter has provided a summary of the FEMA Risk Assessment procedure, which has been successfully used on many hundreds of buildings that belong to various government agencies. The summary is intended to explain the general concepts of the pro- cedure; for implementation of a complete risk assessment process, the reader should use the detailed guidance in FEMA 452. In addition, the reader is referred to FEMA 455, Handbook for Rapid Visual Screening. This procedure has been developed for use in assessing the risk of terrorist at- tack on standard commercial buildings in urban or semi-urban areas, and is intended to be applicable nationwide for all conventional buildin g types. It can be used to identify the level of risk for a single buildin g, or the relative risk among buildings in a portfolio, community, or neighbor – hood as a prioritization tool for further risk management activities. Similarly, the sections on explosive forces and cost have presented an in- troduction to these issues as a background to the design of risk mitigat ion measures. Designers involved in security design need to have a general understanding of the concepts behind these two important topics of analysis. 1 Some portions of this section are based on a paper by Douglas Hall, Smithsonian Institute, entitled “ A Performance Based Design Methodology for Designing Perimeter Vehicle Barriers for Existing Facilities Using the ISC Security Design Criteria” SECURITY DESIGN AND THE COMMUNITY CONTEXT 3 3-1 SECURITY DESIGN AND THE COMMUNITY CONTEXT 3.1 INTRODUCTION N o project or property exists in isolation. Community context is a way of referring to the many community networks of which the site is a component. Reference to the community con – text occurs through the planning, development, and operation of every project. For example, the utilities and roadway infrastructure is part o f a larger network; the customers, vendors, and employees are part of a larger business and social network; the ecosystems extend beyond the sit e boundaries. The community or larger context influences every project in many ways, including the choice of points of access, placement of build – ings, style of architecture, and choice of materials. When it comes to security, the risk assessment considers threats and vul – nerabilities on site and off. Off-site issues include physical character istics such as access to the property, views of the site, even wind patterns and to – pography that may disperse or concentrate CBR matter. The mission or operation of nearby facilities may increase the attraction of terrorists to the vicinity; the physical construction and proximity of adjacent structures could be the source of blast impacts on the projects. Likewise, security solutions may be developed off-site or in concert with neighboring prop – erties. Off-site issues include a district-wide approach to controlling access, providing screening, and sharing surveillance operations and information. Changes in roadways can slow speeds and limit traffic movements, thus modifying a design basis threat and the resulting design criteria for ef fec – tive barrier, size, strength, and placement. Thoughtful planning can solve security needs while maintaining or en – hancing existing community networks. Choice of design details and materials should reflect existing character and patterns. Four case studies in this chapter provide examples of how the design characteristics of a palette of security elements are used with differing materials and desig n details, based on the precincts of the cities where they are placed. Prior to considering security opportunities and developing security requ ire – ments for the risk management strategy, it is important to conduct the threat, asset value (consequences), vulnerability, and risk assessments. Procedures for conducting these assessments are summarized in Chapter 2, and de – tailed methodologies for conducting them are provided in FEMA 452, Risk Assessment, a How-To Guide to Mitigate Potential Terrorist Attacks against Buildings . SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-2 This chapter opens with a description of the “layers of defense” a pproach to site security design. The three layers establish clear demarcation lines at the interfaces of the neighborhood or community and the defended site, and between the site and the face of the building. The first lay er of defense is within the community. At the barrier between the first and second layers, the community looks towards and into the site, and the site looks outward into the surrounding neighborhood. At this interface, the defended perimeter shows a welcoming face to its neighbor or can be a bleak intruder on the urban scene (Figure 3-1). Hence, the next section discusses security design in relation to the con – text of the community, both in design solutions and by working with community representatives to ensure that community values are pre – served or enhanced. This involves working with the stakeholders of the project and negotiating a myriad of local, state, and federal regulation s. 3.2 THE THREE LAYERS OF DEFENSE T he FEMA/DHS Risk Management Series of publications uses the concept of layers of defense as a means to protect lives, properties and operations from terrorist attacks. The provision of layers of de – fense is a traditional approach in security engineering that has been us ed since ancient times to protect the occupants of a fortress or castle (s ee Chapter 1). The medieval castle employed a sequence of moats, walls, and towers to protect the heart of the castle, or asset; this strategy is st ill em – ployed today. The intent of the layered concept is to create a defense in depth by cre – ating cumulative successive obstacles that must be penetrated, thus providing additional warning and response time for security personnel and to allow building occupants to move to defensive locations or desig – nated “safe havens.” Penetration of the perimeter leads only to further defense systems that must be overcome to reach the assets. Each layer ha s its specific security strategies but, as will be seen, methods of defense are also sometimes shared between adjoining layers. Figure 3-1: The community/site interface and the layers of defense. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-3 This section deals with the basic concept of the layers of defense (Figure 3-2). Chapter 5 covers the layers of defense for typical open sites, and Chapter 6 discusses the defense measures for urban sites in which full d e – velopment of the three layers is restricted due to lack of space. The general layers of defense concept presupposes a spacious site with a vehicular approach to the defended building and on-site parking. The defended perimeter may or may not be the site property line. Egress and entry through the defended perimeter is controlled. 3.2.1 FIRST LAYER OF DEFENSE The first layer of defense refers to the neighborhood and community surrounding the site, including building construction types, occupan – cies, and the nature and intensity of adjacent activities. The community context is everything that exists outside of and up to the first layer of de – fense. The context can modify the design basis requirements of the fir st layer and also its appearance. The line of demarcation between the fir st and second layers is the defended perimeter. This impacts the experience of the adjacent public space. Visible barriers and controlled entry points provide visitors with their first impression of the nature of the secu rity measures and the quality of the welcome that the site offers. Figure 3-2: The three “layers of defense.” SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-4 It is important that the designers study the surroundings of the site to identify potential threats. GIS information, which may be available from local and state planning departments, and the FEMA HAZUS pro-grams are vital tools that can be used to identify the characteristics o f the site surroundings, since they can provide data on such topics as the building stock, essential facilities, hazardous materials, transportatio n systems, and demographics. Full understanding of the surroundings requires the involvement of many professional disciplines, including HAZUS and GIS experts. Many local and state agencies are also sources of information. A number of security and intelligence organizations are also a good source of information and data about the surroundings, including the local police department, the state police, and the FBI (Figure 3-3). Figure 3.3: GIS examples from HAZUS for the first layer of defense, depicting different critical infrastructure, the site perimeter, and surrounding buildings. SOURCE: FEMA HAZUS AND E155 APPENDIX A SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-5 Investigation of the surroundings should not be limited to a HAZUS-type site plan view, but should include overhead features such as overlooking buildings and tall structures, together with underground utilities and t un – nels and installation of risk mitigation measures. 3.2.2 SECOND LAYER OF DEFENSE The second layer of defense refers to the space that exists between the de – fended perimeter and the assets that require protection, usually one or more buildings or other facilities. Perimeter security can be augmented within the site by the placement of buildings; site circulation to pre – vent high-speed vehicular approach; landscape measures, such as earth berms to deflect blast; and the provision of stand-off distance. In ad dition, parking, pedestrian walkways, security lighting, signage, and site utilities are subject to security design. Many of these features are shared betwee n the first and second layers of defense. For the second layer of defense, the designers should also consider a 360-degree view in all planes and directions that includes features that are overhead and underneath the site surface, from overlooking vantage points to underground utilities. This investigation may involve many dif – ferent professional disciplines, such as security experts, land use plan ners, architects, landscape architects, civil and structural engineers, and other specialists that may be necessary to analyze a specific site and its interac – tion with the community. The primary strategy in planning the second layer of defense is to keep terrorists away from inhabited buildings, since blast loads decrease rap idly with distance (see Chapter 2, Section 2.4). It is a well-known fact th at it is less costly to achieve security through a good site design than to harde n buildings for blast protection. The cost trade-off is between the cost o f land to provide stand-off, together with barriers, and the cost of hard – ening the building envelope and structure. The trade-offs will also vary depending on whether a new or existing building is under consideration. A number of site elements may be used to create physical barriers, some natural and some man-made. Natural barrier elements include rivers, lakes, waterways, steep terrain, mountains, barren areas, plants, and other terrain features that are difficult to traverse. Man-made elements inc lude fencing, walls, buildings, bollards, planters, fountains, concrete barri ers, other heavy objects, and operable devices. The most important initial step in planning a site to resist terrorism is to prepare a comprehensive assessment of the man-made threats and nat – ural hazards, as was outlined in Chapter 2, so that protective measures can be designed that are appropriate and effective in the reduction of vulne r – ability and risk. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-6 As discussed in Chapter 2, for a given blast level, the stand-off distance is the single most important factor in determining the extent of damage. There is no ideal stand-off distance: it is determined by the type of threat, the type of construction, and desired level of protection, and will vary with each project. However, provision of sufficient stand-off distance is often not possible; some guidelines endorse a minimum of 82 feet for stand-off distance to protect against smaller threats, but in urban area s this is often impossible, since buildings may be less than 10 feet from the curb (Figure 3-4). The ISC recommends 50 feet as a minimum. Compromise in the level of protection may be necessary if extensive building hardening is prohibitive; an alternative is judicious hardening combined with increased surveillance and security personnel. Chapter 6 discusses in more detail methods of achieving reasonable site security f or the central business district. Figure 3-4: Recommended stand-off compared with sidewalks in urban areas. SOURCE: lEFT, FEMA 426 3.2.3 THIRD LAYER OF DEFENSE Detailed discussion of the third layer of defense is beyond the scope of this publication. This layer refers to the protection of the asset itsel f; it in – cludes the security-influenced design of typical building attributes — its overall configuration; the nature of the building envelope; structure; inte – rior space planning; nonstructural elements; mechanical, electrical, and plumbing services; and surveillance equipment (Figure 3-5). SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-7 Figure 3.5: Key elements of the third layer of defense. A key third level of defense concept is building “hardening”, or s trength – ening. In cases where sufficient stand-off distance is not available to protect a building, hardening of the building’s exterior envelope and structural systems to resist blast may be required, including design to prevent progressive collapse. Hardening a building can be very costly, es – pecially for existing buildings. Reinforced concrete is the most effective material, and precast concrete techniques may be able to reduce the cost of installation and business interruption. Less stand-off requires more mass and more steel for hardening, thicker and stronger glass, and bette r window frame connections to the building’s structural frame or walls. The first step when considering building hardening is to estimate the blast loads on the structure. A structural engineer must determine the building design features needed to achieve the desired level of protec – tion to ensure that no collapse occurs, and other life-threatening damag e is reduced to an acceptable level. The engineer must also work with the architect in the design of the building envelope. Envelope designers should aim to minimize hazardous flying debris during an explosive event, because most injuries result from glass fragments and debris from walls, ceilings, and other non-structural features. Window and glazing d e – sign vary widely in conventional construction and are normally the most fragile building envelope components. The overall hardening of the building envelope must be balanced by the concerted efforts of the architect and structural engineer to ensure tha t the columns, walls, and windows have approximately equal response to the design basis threat weapon at the available stand-off distance for the desired level of protection. ELEMENTS of ThE Third LayEr of dEfENSE m Architectural m Structural System m Building Envelope m Mechanical Systems m Plumbing and Gas m Electrical Systems m Fire Alarm Systems m Communications and IT SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-8 In the consideration of mitigation measures against CBR attacks, the building HVAC systems are of particular concern, because they can be – come an entry point and distribution system for airborne hazardous contaminants. Even without special protective measures, buildings can provide protection in varying degrees against airborne hazards that orig – inate outdoors. Conversely, the hazards produced by a release inside a building can be much more severe than a similar release outdoors. Because buildings allow only a limited exchange of air between indoors and outdoors, not only can higher concentrations occur when there is a release inside, but hazards may also persist longer indoors. To avoid this, protection against outdoor releases can be provided by in – terrupting or filtering the flow of outside air into the building. I f installed, HVAC air filtration and air-cleaning systems or segregation of HVAC sys – tems between high-threat and low-threat areas can reduce the effects of an internal CBR agent release, by removing or containing the contami – nants within a building. Building risk mitigation measures are discussed in FEMA 426 , Chapter 3, while CBR threats and protective design and other occupant protection methods are discussed in FEMA 426 , Chapter 5. They can be as simple as defining a protective action plan or as complex as exacting design mea – sures practical only for new construction. 3.3 DESIGN IN TUNE WITH THE COMMUNITY CONTEXT B efore September 11, 2001, communities were not forced to live with security beyond normal neighborhood police protection. Now, the community must learn to participate in the layers of defense strategy for the protection of a defended asset. The community must learn to live with security, and designers must be educated to understand security needs and to reconcile them with traditional urban design principles. The development of understanding of community- based security design — a design approach oriented to balancing amenity and public safety in major urban and suburban security projects — has become a necessity both for the community and the designers. The approach has the purpose of avoiding conflicts, such as compromised functionality and poor appearance, that can impact neighborhoods when security projects are not fully coordinated and comprehensively planned. Security solutions need to be very carefully planned to maintain the public amenities and aesthetic qualities in neighborhoods in which resi – dents and visitors feel welcomed, comfortable, and safe. This publicatio n recommends the adoption of security design that is in tune with the com – SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-9 munity context and objectives, rather than solutions that focus solely on individual project objectives. Community-based solutions encourage community participation and analysis to provide understanding that can influence the project design and ensure that it respects or even enhances the project neighborhood. It should be noted, however, that not all the el – ements of the security planning can be shared with the public, and tact and discretion must be used in dispensing information. Experience has proven that strategies are more easily accepted and ef – fective when worked out at the community level. The use of unobtrusive surveillance cameras throughout wide areas and across neighborhoods in London and Washington, D.C., exemplifies a community-level strategy. Traffic control on a district-wide basis and the sharing of security officers and equipment are other examples of community-wide operations. As more community-based solutions are developed and common strategies are applied to multiple projects within the same neighborhood, the ability to resolve conflicts and challenges will increase. Every design project, whether it is new construction or additional work for an existing project, begins with an assessment of existing conditions ( see Chapter 2). Typically, the risk assessment is completed before the site and building designers are hired. Using the risk assessment as background in – formation, security projects begin with studies that cover security issues, the community context, and neighborhood objectives. Sufficient time must be provided for adequate review and assessment of existing conditions to en – sure that community expectations are understood and design strategies are developed that are in balance with project security and community needs. The scope of the studies includes issues such as: m Identification and evaluation of existing physical features (topograp hy, planting areas, site walls, planters, and lighting) that might be incorporated into the perimeter security design. m Detailed early documentation of underground utilities and structures to enable the design team to avoid utility and foundation conflicts. This information may have major influence on the location of barrier system s. m Investigation of the existing conditions in the community (land use development patterns, site conditions, physical characteristics, transportation, etc.) provides important information for vulnerability assessment, design strategy, regulatory approval, and community acceptance of the project. m Preliminary identification of potential opportunities and conflicts between security and amenity can reduce later possible problems and delays. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-10 Table 3-1 is a tool to help analyze the relationship between the commu – nity context and the first layer of defense. It includes some question s and guidance that can assist in the collection and review of information on key existing conditions topics. Every site and community is different, so addi – tional topics may also be relevant. An analysis of these questions will help to determine the opportunities and constraints for project and security des ign. Table 3-1: Existing Conditions and Design Implications Topic Guidance Context What is the general nature of project setting — urban, suburban, or campus? Urban: first layer of defense. NYPD Suburban : first layer of defense. Campus : first, second, and third layers of defense. GOOGlE EARTH m The specific nature of the project context provides guidance for the design approach. m The density of urban sites provides many influences to evaluate – nearby buildings and land use, traffic patterns, streetscape plans, architectural character, limited area for loading and parking, conflicts with sightlines from other buildings and structures. The numerous utilities compete for the limited area below grade. Urban areas have regulations and guidelines that tightly control development. Requirements for pedestrian mobility and access to street level shops and services are critical and are often overlooked. m In suburban locations, more land area may be available for stand-off and queuing for inspection; sight lines are much more open. Vehicle circulation patterns are important. landscape solutions incorporating natural features may be more viable. Community networks for mass transit, trails, and parks should be preserved or enhanced. m A campus setting resembles a community within a community. In many cases, the campus may have shared its amenities and program with the outer community. Changes in security may change that relationship; for example, casual walking through the campus or walk-in attendance at programs may no longer be possible. Community networks may be interrupted. Visual impacts should also be assessed. A campus setting can provide advantages, allowing efficiencies in operations by placement of facilities and clustering low-risk and high-risk operations appropriately within the campus. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-11 Topic Guidance Land Use What are the existing land uses in the neighborhood of the site? Is the site proximate to public or private institutions, or centers for entertainment or attractions that draw significant traffic or visitors? Do planned land uses differ from the existing ones? Transportation Centers m The dominant development pattern may suggest an approach for treatment of the perimeter that is compatible with or enhances the existing relationships. m The functions of sites and buildings with large numbers of visitors may need special consideration in the design approach. m When future or planned land uses are significantly different from the existing development pattern, the design treatment should consider a design approach compatible with the future land use. m The design should avoid limiting access, egress, or circulation around transportation centers and make sure to consider each mode’s movements. Opportunities to relieve existing problems or limitations should be investigated. Development Patterns Does the surrounding development have common patterns, such as consistent setbacks and the building’s relation to the street? Is the site part of an historic district or adjacent to historic buildings or landscapes? What is the nature of the public realm including streets, sidewalks, etc? Determine if the design of the existing areas is successful, e.g. should it be a model for future conditions or are some improvements called for? What is the level of activity in this neighborhood? m The existing development pattern or architectural style can suggest a treatment for the perimeter in keeping with its neighborhood. m Historic districts, buildings, and landscapes can inspire and guide the design approach. For example the Washington Twin Globe light pole design by Henry Bacon (1923) with a polycarbonate globe and internal louvers can be installed on a heavy-duty base as part of a security barrier. m Every effort should be made to preserve the vitality of “on the street” activities that make busy urban districts successful. CPTED techniques to enhance security may be appropriate (see Appendix A). Table 3-1: Existing Conditions and Design Implications (continued) NCPC SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-12 Topic Guidance Scenic Vistas and Views Does treatment of the perimeter or development of the site impact any existing views and vistas? NCPC m lines of sight should be evaluated for views to and through the site. Placement of barriers in relation to buildings should be located to respect scenic vistas and views. NCPC Parks, Recreation, Open Space, Trails, and Bike Paths Does the site include access to or circulation through existing parks and open space? Can the site provide an opportunity to link existing parks? m Minimize interruption or closure of community access and mobility to parks and open space. m locate the perimeter barriers in ways that allow pedestrian access to use or expand local pedestrian networks (sidewalks, trails). Signage Does the community or district have a signage ordinance? m Proposed signage and wayfinding should be carefully designed to be compatible with design standards and signage regulations. This notice board is carefully designed to be compatible with its location and to function as part of the security barrier. Table 3-1: Existing Conditions and Design Implications (continued) NCPC SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-13 Topic Guidance CPTED What opportunities exist for CPTED? (See Appendix A.) m Consider the potential of areas adjoining the site boundaries to support natural access controls, natural surveillance, or territorial reinforcement. Community Facilities Are there any community facilities that will be interrupted, closed, or impacted by the security design? m look for opportunities to maintain, complete, or enhance access to public facilities. m Maintain a sense of openness within the community. Roads and Access Are there any existing conditions that could be improved through the security design? Are there any areas where the security design may create new negative impacts? NCPC m Proposed configurations for access, queuing, inspection, and stand-off can be planned to address improvements of existing traffic problems and reduce approach speed and divert from a direct path. m Proposed configurations for access, queuing, inspection, and stand-off should maintain or enhance existing traffic flows. This inspection station allows traffic to pull off the main road for queuing, and multiple lanes offer greater capacity. Transit Are there any transit stops, stations, or approaches to stations near the site? m Perimeter design should aim to maintain or improve routes, stops, and access to transit for vehicles or pedestrians. Table 3-1: Existing Conditions and Design Implications (continued) NCPC SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-14 Topic Guidance Access for Emergency Response How will emergency responders access the site and adjacent areas? m Perimeter design should not impair access to the site, building, and adjacent areas by emergency responders. Make sure that fire lanes are well marked and access to stand pipes and hydrants is open and clearly visible. Maintenance Does the design support ongoing maintenance of streetscape, utilities, streets, and sidewalks? m Design should allow for regular and routine maintenance to be performed. Underground Infrastructures What exists below grade beneath roadways and sidewalks? m Design should accommodate underground utilities, vaults, etc. This may constrain the placement of bollards and other barriers that require deep foundations. Mature Streetscape and Trees How will the design impact the existing streetscape? m Proposed solution should minimize impacts and interruptions to existing streetscapes and plantings. Mature trees may be incorporated in a barrier system, although there are limitations on their use, as discussed in Chapter 4, Section 4.4.4. Table 3-1: Existing Conditions and Design Implications (continued) SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-15 Table 3-2 shows bad and good examples of response to community con – text. It illustrates some instances of how key opportunities to develop designs for security in support of community vitality can be realized through the active collaboration of owners, developers, planners, and de – signers, compared to characteristic instances where opportunities have been missed. Table 3-2: Community Design Issues and Design Opportunities Inappropriately Implemented Security Opportunities to Enhance the Community Through Good Design Design of each project without consideration for overall community impact can result in an unattractive and incoherent district. Adherence to community guidelines and cooperation in the review process can help to create an attractive district and streetscape. Poor design or the wrong design details can inadvertently draw too much attention to the security design and make tenants and neighbors feel more vulnerable and threatened. NYPD The appropriate design can blend security into the existing streetscape or community without drawing attention to it and serve as amenities for tenants and neighbors. NCPC Installation of poorly located perimeter barriers can interfere with or eliminate existing pedestrian patterns and trails and create a negative community response. NCPC Perimeter barriers can define pedestrian zones and may increase the safety of pedestrians by separating them from vehicular traffic. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-16 Inappropriately Implemented Security Opportunities to Enhance the Community Through Good Design Improperly designed perimeter barriers are unattractive and detract from surrounding architecture, streetscape, and community character. This can have a negative impact on leasing, sales, and project acceptance. NCPC Well-designed perimeter barriers can be in tune with and enhance local programs for streetscape improvements, such as street tree planting, while improving the overall security of the project. NCPC Queuing for security checkpoints can back up into adjacent curb lanes and roadways, slowing everyone’s travel. NCPC Properly designed, queuing does not interfere with traffic patterns when an adequate holding area is provided. Separate enclosed queuing area for pedestrian screening and inspection. Implementing stand-off distance as the preferred security strategy, without consideration of the full range of potential costs and solutions, can accelerate sprawl and costs to local communities by reinforcing a pattern of isolated developments that requires the extension of services. The lack of land in urban areas or high land cost in central business districts may mean that a hardened building or enhanced security and surveillance are better solutions than stand-off distance. Table 3-2: Community Design Issues and Design Opportunities (continued) SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-17 Inappropriately Implemented Security Opportunities to Enhance the Community Through Good Design Typically, projects have to comply with many different regulations and review processes from multiple agencies. Waiting too long to consider how regulations or policies interact with security design may hinder the achievement of an effective, creative solution without schedule and budget overruns. Understanding all the project parameters and criteria early on allows the project team plenty of latitude to find the best solution for security in balance with other requirements. NCPC Case Study 1, from the NCPC Urban Design Plan, shows the different neighborhoods into which Washington has been divided, based on their urban design and functional character, and shows how the same palette of hardened street furniture can be modified to respect the neighborhood context. Different design and different materials provide the same level of security. Table 3-2: Community Design Issues and Design Opportunities (continued) CaSE STUdy 1: ThE NaTioNaL CaPiT aL UrBaN dESiGN aNd SECUriTy PLaN 1.0 iNTrodUCTioN The National Capital Planning Commission (NCPC) Urban Design Guideline s for Washington, D.C., subdivided the District into contextual areas, each with a unique character and design style. Security design for each of these precincts is developed to be compatibl e with the overall urban design setting. This case study is an example of site security design wi thin the community context. Washington, D.C., is known for the National Mall and many other open park s and attractive public spaces. However, after September 11th, 2001, temporary barriers and fortifications became a common sight in the Nation’s Capital. In 2002, a group of nationally recognized landscape architects, urban de signers, and security experts assisted the NCPC in preparing a design framework and implementation strategy titled, the National Capital Urban Design and Security Plan . The plan focuses on preserving parks, streetscapes, and public spaces in Washington’s monumental core and downtown neighborhoods, while protecting public buildings and neighborhoods from vehicle-borne explosives. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-18 CaSE STUdy 1: ThE NaTioNaL CaPiT aL UrBaN dESiGN aNd SECUriTy PLaN (continued) CoNTExTUaL arEaS, MoNUMENT aL STrEETS, aNd MEMoriaLS 1.1 Project Scope The goal of the National Capital Urban Design and Security Plan is to coordinate design and installation of streetscape projects, integrating building perimeter sec urity and restoring the beauty, openness, and accessibility that have traditionally defined the city. The study was completed 2002. 2.0 dESiGN aPProaCh The design approach is motivated by six goals: 1. Appropriate balance between the need for security and the need to mainta in the vitality of the public realm 2. The provision of security within a larger context of streetscape enhance ment and beautification of the public realm SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-19 CaSE STUdy 1: ThE NaTioNaL CaPiT aL UrBaN dESiGN aNd SECUriTy PLaN (continued) 3. The creation of an expansive palette of elements that gracefully provide security while avoiding monotony and clutter 4. A coherent strategy for applying “families” of streetscape and security elements that achieve aesthetic continuity within neighborhoods, rather than focusing on the needs of a particular building 5. Provision of perimeter security in a manner that does not impede pedestr ian and vehicular mobility, impact the health of existing landscape elements of historic character , or disrupt the commerce and vitality of the city 6. Efficient and cost-effective coordination of implementation STrEETSCaPE SECUriTy ELEMENTS FEMA 426 SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-20 CaSE STUdy 1: ThE NaTioNaL CaPiT aL UrBaN dESiGN aNd SECUriTy PLaN (continued) 3.0 ELEMENTS iNCorPora TEd first Layer of defense m Creating “families” of coordinating streetscape components that can be hardened to incorporate security and that are designed to relate to different contextual areas of the NCPC plan. Second Layer of defense m A design approach that creates a sense of community and protects, without diminishing image and quality of life for residents and visitors. Third Layer of defense m This case study does not address building hardening, operational procedures, or surveillance. 4.0 BLENdiNG WiTh ThE NEiGhBorhood CoNTExT The image of the District and the quality of life experienced by its inhabitants and visitors have suffered in recent years, without a unified, coordinated approach to security design. Temporary or repetitive security elements detract from the existing character of the city, disrupting pedestrian movement throughout the city as well as potentially blocking evacuation routes and emergency access. This guide offers ideas and a process toward a unified, well- coordinated approach to urban design and security. 5.0 iNNoV aTioNS aNd BEST PraCTiCES The National Capital Urban Design and Security Plan discusses the diversity and character of its urban setting, and the importance of working within the existing context, for a more successful, holistic approach to urban and security design. By breaking the city into distinct neighborhoods, and illustrating how “families” of design elements could be used to create a cohesive community experience and sti ll accomplish the required goals, the plan offers a framework for design that promotes an open dialogue between security and urban design strategies. The published plan demonstrates a planning framework and also provides o ther examples in response to these issues. It continues to be a key reference for how to approach neighborhood contextual design for security. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-21 Case Study 2 shows an analysis of existing conditions and how the se – curity design responds. The building is located on the National Mall in Washington, D.C., and the security design respects the framework of the NCPC National Capital Urban Design and Security Plan . A design treatment is developed that reflects the open spaces to the n orth, the streetscape of each side of the project, the character of the histor ic buildings in the neighborhood, and the design of security features from nearby buildings. The technical conditions include the dimension of the available stand-off distance, which varies on each side of the building, the adjacent surface and on-street parking, underground utilities and vaults, the types of uses within the building that need protection, and the loca – tion of loading zones and parking entrances. CaSE STUdy 2: aNaLySiS of ExiSTiNG CoNdiTioNS aNd ThE SECUriTy dESiGN rESPoNSE 1.0 iNTrodUCTioN An analysis and concept plan for four buildings for the United States De partment of Agriculture (USDA) on the National Mall was conducted, beginning in December 2003. Studies were made of the existing conditions for the Whitten Building, South Building , Yates Building, and the Cotton Annex, along each of the buildings’ four perimeters. Analyses were then used to create a conceptual plan for permanent security perimeter upgrades. This case study will focus on one of the four sites: The Whitten Building. The Whitten Building was constructed between 1904 and 1930 and is the on ly Presidential Cabinet level office building on the Mall. Bordered by 14th Street, on e of Washington, D.C.’s major emergency evacuation routes; Independence Avenue, which flanks the National Mall; the 12th Street Tunnel; and Jefferson Drive; the site boasts several parking lots and a v ehicle ramp that provides below-grade access to the building, when heightened security is required. 2.0 ProJECT SCoPE Pedestrian and vehicular circulation plans, including key entrances and exits, were identified, along with analysis of vending areas, guard booths, and visitor centers. In addition, the study located the closest Metro entrances, bus stops, and all street parking o ptions adjacent to the site, as well as memorials, retaining walls, specimen trees, and notable topog raphy, analyzing their condition and use. All of this carefully collected and cataloged information was then used to highlight the significant challenges and opportunities offered by the site. The goal is to attain the most setback pos sible in this tight urban environment, while integrating new perimeter security e lements seamlessly into the existing neighborhood vocabulary. The study completed in 2004. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-22 CaSE STUdy 2: aNaLySiS of ExiSTiNG CoNdiTioNS aNd ThE SECUriTy dESiGN rESPoNSE (continued) ExiSTiNG SiTE PLaN SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-23 CaSE STUdy 2: aNaLySiS of ExiSTiNG CoNdiTioNS aNd ThE SECUriTy dESiGN rESPoNSE (continued) ProPoSEd PLaN 3.0 dESiGN aPProaCh 3.1 issues addressed m High-profile, high-traffic area, adjacent to the National Mall m 14 access drives (six existing parking lots and a vehicle ramp to below -grade access) requiring protection m Perimeter needed to accommodate emergency egress 3.2 Security Strategy first Layer of defense m Increase stand-off and maintain a perimeter that allows access to emerge ncy exits, with hardened, retractable bollards for controlled entry BUiLdiNG SECTioNS SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-24 CaSE STUdy 2: aNaLySiS of ExiSTiNG CoNdiTioNS aNd ThE SECUriTy dESiGN rESPoNSE (continued) Second Layer of defense m Maintain open feel and unimpeded pedestrian access to generous lawn and memorial trees on site, with bollard fences m Combine retaining and free-standing walls with low shrub beds to provide both deterrent and screen BUiLdiNG SECTioNS BUiLdiNG ELEV aTioN SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-25 CaSE STUdy 2: aNaLySiS of ExiSTiNG CoNdiTioNS aNd ThE SECUriTy dESiGN rESPoNSE (continued) BUiLdiNG ELEVaTioN Third Layer of defense m Appropriate modifications to the building 4.0 BLENdiNG WiTh ThE NEiGhBorhood CoNTExT m Maintaining a generous area of lawn, respecting the significant, historic, and open character of the National Mall m Creating a consistent unified streetscape vocabulary that works within the larger framework of the National Capital Urban Design and Security Plan SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-26 CaSE STUdy 2: aNaLySiS of ExiSTiNG CoNdiTioNS aNd ThE SECUriTy dESiGN rESPoNSE (continued) 5.0 iNNoVaTioNS aNd BEST PraCTiCES m A campus-wide approach to security allows several buildings in a common neighborhood to pool their resources and to develop a “family” of common design elements and materials. m A contextual approach incorporates security seamlessly into the existing urban fabric of the neighborhood. m Detailed analyses of existing site features enables designers to make t he best use of resources and to incorporate new elements into a cohesive plan SOURCE: SHAlOM BARANAS ASSOCIATES, ARCHITECTS & EDAW, INC. 3.4 WORKING WITH STAKEHOLDERS M ost jurisdictions have plans and policies that describe the fu – ture development of the community that must be considered during any major project design review and approval process. In addition to official public plans and policies, private sector trends and activities need to be identified through discussion with local “mov ers and shakers,” who may provide useful input into design strategy and d i – rection. The stakeholders are all those individuals or groups who hold an interest in the project outcome. There are both internal and external stakeholders. Internal stakeholders include all those with a financial in – terest in the project, such as the owner/developer and potential tenants and users. External stakeholders are those living and working outside the project boundaries that have some relationship with the project as observers, suppliers, and visitors. They may include individuals and neigh – bors; businesses, local, regional, state, and federal government agencie s and departments; community groups and organizations such as historic preservation societies; “friends of” groups for parks or the environment ; neighborhood associations; churches; colleges; and schools. Some of the considerations involved in working with the stakeholders are: m Local government agency personnel can often help to identify local stakeholders and their areas of concern. m The best solution will clearly respond to stakeholders’ priorities so that they will feel that their concerns have been heard and fairly assessed, even if they cannot be fully satisfied. m Face-to-face dialogue is the best way to identify stakeholders, develop relationships, and understand concerns. Many groups SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-27 also have websites, publications, staff, or other ways of providing background information. m Establishment of familiarity with the community is the key to finding the project stakeholders. Those individuals and groups with geographic knowledge, subject matter, and regulatory interest should be sought out. m Distinguish early on between those who share the same interests as the project, and become possible local “project champions,” and those who can harm the project’s design, approval process, and success. m Some stakeholders may have unique knowledge and insights that may benefit the project’s strategy, so early and frequent dialogue with them can be helpful in shaping a good design solution. m Stakeholders can often provide a more subtle, accurate, and practical level of information about existing and future conditions than the information provided through published documents and official policy statements. m Stakeholders may have concerns about the threat assessment, regarding it as too high or too low. m Recognize that security concerns are only one aspect of the stakeholders’ total range of interests. m Security requirements may be seen to conflict with other community development strategies, such as smart growth, creation of a “walkable” environment, and urban design objectives. m Security measures may be seen as affecting accessibility and environmental quality. m A few stakeholders may hold definite positions for or against the project while many just want to know what it is and how it will affect the future. m The stakeholders can influence regulatory approval of a project or delay it, so their acceptance and support are highly desirable. Case Study 3 describes the process used to provide protection for an iconic site: the Mies van der Rohe Chicago Federal Center. Many govern – mental and public stakeholders were involved in the process, including the original project architect for the complex, with the result that sec u – rity provisions are in complete harmony with the original design and the openness of the site is preserved. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-28 CaSE STUdy 3: ThE MiES van der rohE ChiCaGo fEdEraL CENTEr 1.0 iNTrodUCTioN The Federal Complex in Chicago, Illinois, consists of three iconic Mies van de Rohe buildings located within the loop in Central Chicago. The Everett Dirksen Courthouse is 383 feet high and stretches almost the entire length of the block. The John Kluczynski Adm inistrative Building is 545 feet high. The open plaza contains the one story, 197-foot-square Post Office Building. A parking garage is located underneath the plaza. The complex was designed and constructed between 1959 and 1974. The plaza was designed to serve city needs for public communal space, such as farmers’ markets and public gatherings, and includes a large Alexander Calder sculpture. The plaza and its sculpture are Chicago landmarks and significant tour ist attractions. 1.1 Project Scope The project involved the design of effective security measures that woul d preserve the unique architectural character of the complex and contribute to the greater con text of the City Beautification Program. 2.0 dESiGN aPProaCh 2.1 issues addressed m High-profile public space, frequent site of large assemblies m Bounded on all sides by narrow streets and large buildings with little s etback m Design of buildings with open ground floors to provide easy access and to open up one street to another was unfavorable to security design m Need to arrive at a design consensus among many stakeholders SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-29 CaSE STUdy 3: ThE MiES van der rohE ChiCaGo fEdEraL CENTEr (continued) 2.2 design Process m Conduct a security-conscious site analysis: establish perimeter protection zone, identify types of tenants, identify existing security performance, identify limitations in achieving layers of defense and identify vehicular/pedestrian flexibility to accommodate c hanges m Planning and design process involved local government, the client agencies, and the public. Peer review group instituted, consisting of client representatives, secu rity experts, educators and leading practitioners. m Meetings and workshops held with client agencies, city officials, and other public and private entities with a vested interest in the project. m Identification of clear goals, the scope of desired preservation, and the framework for minimum compliance (acceptable risk) m Utilization of CPTED principles in design process m Initial development of large number of design alternatives. BarriEr W aLL aLTErNa TiVE SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-30 CaSE STUdy 3: ThE MiES van der rohE ChiCaGo fEdEraL CENTEr (continued) BarriEr WaLL aNd BENCh aLTErNa TiVE 2.3 Security Strategy first Layer of defense m Stand-off provided with bollards, granite blocks, and benches designed to harmonize with the building architecture and materials m Multiple layers of bollards placed at each of the protected sidewalk corners to respond to direct vehicular impact from the street intersections Second layer of defense m Barriers and planting within the plaza to provide unobtrusive barriers w hile allowing public openness. Third layer of defense m Appropriate defense measures depending on the nature and location of ass ets. 3.0 BLENdiNG WiTh ThE NEiGhBorhood CoNTExT m Consistent vocabulary that harmonizes with existing materials and forms SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-31 CaSE STUdy 3: ThE MiES van der rohE ChiCaGo fEdEraL CENTEr (continued) m Preservation of sense of openness m Planting that enhances the environment throughout all seasons of the yea r SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-32 CaSE STUdy 3: ThE MiES van der rohE ChiCaGo fEdEraL CENTEr (continued) 4.0 iNNoVaTioNS aNd BEST PraCTiCES m Well-organized planning and design process enabled design goals to be ach ieved. m Overall solution complements character of the building complex, yet prov ides heightened security performance. m Sense of openness is preserved SOURCE: .PHOTOS AND DRAWINGS PREPARED FOR US GENERAl SERVICES ADMINISTRATION BY TENG AND ASSOCIATES AND BASED ON POWER POINT PRESENTATION BY ASTRID S. HARYATI AND CONTRIBUTIONS BY ROBERT THEEl, ARCHITECT, GSA CHICAGO 3.5 THE IMPACT OF REGULATORY REQUIREMENTS R egulations at the local state and federal level may impact and con – trol some aspects of the site security design and implementation. It is also expected that continuing building security needs result in new regulations and codes that may affect projects. Some consider – ations are: m Identification of these requirements early in the design phase is essential to smooth the design and approval process. m Regulations typically originate from many different sources, often to deal with unrelated defects and concerns, so there may be inherent inconsistencies and conflicts to navigate. Conflicts between policies and regulations from different agencies are not uncommon. When this occurs, the designers should identify and discuss potential conflicts early in the design process, and then meet with relevant regulatory agencies to resolve conflicts between project requirements and codes, guidelines, standard s, and policies. m In order to identify the relevant agencies and their roles, precise knowledge of the geographic location and historic and existing conditions of the site are necessary. The Freedom Tower at the World Trade Center site in New York had to be substantially redesigned and relocated, because it did not meet the stand-off distance and other requirements of the New York Police Department. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-33 m Sometimes jurisdiction is established by simple presence within a city, town, county, or state (e.g., the city zoning code or the state tree regulations). In other cases, characteristics of the property itself ma y establish whether regulations apply, such as presence of wetlands, step slopes, or endangered species. The project team should check federal, state, regional, and local jurisdictions for applicable land use, zoning , historic preservation, and other planning considerations. m Complete familiarity should be established as to the relevant process and timelines for local review and approval processes by early consultation with staff of the regulatory agencies. m Pre-meetings to discuss the project, the risk management strategy, and potential issues and opportunities can be very beneficial. Meeting with planning department officials to explain the project needs before filing for approval provides the reviewers with a better understanding of the project for their review process. Table 3-3 identifies various local regulatory topics, issues, and impacts that are expressions of community goals and requirements that may influence the development of the security solution. Table 3-3: Regulatory Topics, Issues, and Impacts Topic Development and Design Issues Security Design Impact Environmental Features Certain types of environmental areas may prohibit or restrict development. These include wetlands, flood plains, coastal zones, certain types of habitat, steep slopes, etc. Federal controls include those administered by EPA and DOE. State and local agencies also regulate environmental protection and conservation. Presence of these environmental features can impact placement and design of perimeter barriers, access, and buildings. Historic Preservation The National Historic Preservation Act (NHPA) restricts demolition, modification, and renovation of registered historic structures. State historic preservation officers and local historic preservation districts and departments should be consulted. Historic districts often have design standards and regulations that control design and materials of adjacent new construction. Historic preservation constituencies may be well-organized and vocal stakeholders that should be recognized in community assessment process. Land Use land use policies address land use types, density, availability and capacity of utilities, and transportation planning, as well as identifying locations of districts with district design standards. land use is usually regulated at a local and/or state level. land use planning documents describe the future directions for development or development control. It may provide guidance on the project design strategy and suggest opportunities to align with the community strategy. Strategies for smart growth and transit friendly and walkable communities may conflict with security strategies for stand-off and secured perimeters. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-34 Topic Development and Design Issues Security Design Impact Zoning Zoning describes permitted uses, development controls (height, density, coverage or floor area ratios), sign regulations, and fencing. Zoning is usually a matter for local governments. Zoning may prescribe quantities of parking, open space, and landscaping. Zoning may prescribe minimum setbacks and types of landscaping and fencing that can be used to control the site perimeter, as well as the placement and development envelope for buildings. Economic Development Economic development programs address community policy and planning issues. Economic development programs at the local, state, or federal level may provide funding or expertise to support security or other aspects of the project. Federal, state, or local funds may be available for redevelopment of public rights of way and streetscapes that could support the perimeter security design. Design Guidelines Many office parks and planned communities also have design guidelines, a detailed set of non- governmental “regulations” that prescribe colors, building materials, architectural styles, and detailed design approaches. These guidelines provide specific input about the acceptable design solution, specifying materials, colors, and installation of fences, lighting, and signage. Transportation Capital improvement programs are multi-year implementation programs that describe recommended and funded transportation projects at local, state, and federal levels. These may include all modes: roadways, parking, sidewalks, trails, bikeways, transit, rail, etc. Implementation and timing of these programs can have significant impacts on the circulation to and access into projects. Security concerns may impact the design of roadways, including radius of curves, directions of traffic, and street closures. DOTs and DPWs Public Works or Transportation Departments manage street and sidewalk standards, on-street parking and meters, vendors and newspaper boxes, and other roadway and roadside elements. Standards and codes for these elements and operation of these programs can have significant impacts on the circulation to and access into projects. Use of hardened streetscape items may conflict with existing standards for underground utilities, streetlights, parking meters, or sign posts. Fire Marshal There are very specific access requirements and identification of clear zones for fire trucks to be addressed in site and building design. The fire marshal is a key local official. Emergency access to the site must be assured. Pedestrian Mobility local public works departments often have standards for trails, sidewalks, and bikeways. Standards for walkways, trails, and bikeway systems that may be included on the site should be consistent with adjacent networks. The Americans with Disabilities Act (ADA — a federal law) requirements must be satisfied for all sidewalks and pedestrian-accessible areas. Table 3-3: Regulatory Topics, Issues, and Impacts SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-35 Case Study 4 shows a security solution that is built to service an existing district rather than an individual project, by using a variety of well-d e – signed elements to harden a site without creating monotonous lines of barriers. Vehicular movement is controlled by subtle modifications of roadway design. CaSE STUdy 4: BaTTEry P arK CiTy STrEETSCaPES ProJECT 1.0 iNTrodUCTioN Since the attacks of September 11, 2001, government buildings and other high-profile institutions and organizations are more aware of their vulnerability. Response to the perceived threats has been quick and not always well planned or executed, often usurping space that was once open and accessible to the public. Battery Park City, a 90-acre planned community that is built on land fill, created in 1 976 from the excavation of the World Trade Center and other properties in the neighborhood, occupies the southwestern tip of Manhattan. The site of the World Financial Center and numerous commercial, retail, and residential buildings, Battery Park City is bounded to the east by West Street and to the west, north, and south by a tidal estuary of the Hudson River. Rogers Marvel Architects was hired to evaluate the existing conditions of the stre etscape in Battery Park City and to make urban design recommendations to increase the secur ity of the area. In the process, they explored ways to reclaim public space by evaluating se curity issues as part of the overall fabric of the existing neighborhood. The result is an overar ching plan for protection that uses innovative techniques to create subtle deterrent features with in the streetscape plan without compromising the experience of the neighborhood’s public spaces and controls access by redesigning approach routes and traffic flow rather than throwing up barricades. The project won the AIA Institute Honor Award for Regional and Urban Design and the ASlA Honor Award in Analysis and Planning in 2005. 1.1 Project Scope Responses to vehicular threats are considered in relation to the particular context of the Battery Park City neighborhood, requiring study of the specific approach and m ovement of vehicles within neighborhood streetscapes. With the help of a Creative Research and Development Agreement (CRADA) with the U.S. Army Corps of Engineers Mobility Division in Vicksburg, Mississippi, the design team is able to gain insights from military defensive techniques and barriers, which are tested and then re-scaled to fit into the urban streetscape context. The neighborhood is analyzed and redesigned to balance the desire for se curity with the importance of quality of life and public space for the residents and visitors of Battery Park City. Security measures are integrated into the public urban space, with the h ope that they will add benefit to the community and provide protection if ever it is needed. This project was completed in 2006. SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-36 CaSE STUdy 4: BaTTEry P arK CiTy STrEETSCaPES ProJECT (continued) BaTTEry ParK CiTy NEiGhBorhood SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-37 CaSE STUdy 4: BaTTEry P arK CiTy STrEETSCaPES ProJECT (continued) 2.0 dESiGN aPProaCh 2.1 issues addressed m High-traffic area – with the crossing of pedestrians, bicy clists, and ferry passengers m Bus and taxi queuing m Concentration of commercial vehicles m Highest level of security required for World Financial Center m long uninterrupted vehicular approaches m On-street security check in high traffic area m Parks, benches, and ball fields immediately adjacent to traffic 2.2 Security Strategy first Layer of defense m Various risk mitigation measures to reduce vehicle speeds, improve pedestrian safety, and reduce the threat of vehicle approach velocities. Second Layer of defense m Fence-e nclosed dog run with reinforced shade structures – protective setback with an added benefit to the public m Use of Tiger Trap to create collapsible fill vehicle traps Third Layer of defense m Appropriate modifications to the buildings will increase the overall s ecurity of the site and its inhabitants SECURITY DESIGN AND THE COMMUNITY CONTEXT 3-38 CaSE STUdy 4: BaTTEry P arK CiTy STrEETSCaPES ProJECT (continued) 3.0 BLENdiNG WiTh ThE NEiGhBorhood CoNTExT m Existing streetscape element – cobble band – incorporated as break away cover for pit trap system m Adjusted curb lines to increase stand-off, ease pedestrian movement, and organize vehicular traffic patterns 4.0 iNNoV aTioNS aNd BEST PraCTiCES m Urban issues are reviewed in conjunction with security needs in order to synthesize a solution that satisfies both, while accentuating the neighborhood’s character a nd its residents’ quality of life. m Military defensive techniques and barriers are studied and tested, and then re- scaled and adapted to fit into the urban streetscape context. m Investment in security serves a dual purpose, protecting and providing public benefit. m looking beyond setback distance, which can be scarce in an urban setting, to the larger experience of the site – controlling access and speed of approach to the site, hardening existing site features to add to layers of on-site security, and incorporating clear and consistent signage. 3.6 CONCLUSION T he project design strategy should seek the maximum benefit for the greater community. Consideration must be devoted as to how the project design and security measures will impact local trans – portation, accessibility, views, historic districts and recreation. A project that is compatible with its community and adds value to local resources develops support for its approval and is more attractive to future tenan ts and buyers. perimeter security design 4 4-1 Perimeter security design 4.1 intrOductiOn p erimeter security is designed to protect employees, visitors, and building functions and services from threats such as unauthor – ized vehicles approaching close to or penetrating high-risk buildings. The key element in protecting buildings from a vehicular bomb is the establishment of appropriate stand-off distance, depending on the size of the threat and the building characteristics. This is acco m – plished by a protective barrier system placed to provide at least minimu m required stand-off. In an urban situation, this is often not possible, a nd al – ternative measures must be taken. These are discussed in Chapter 6. The barrier may be along the site property line or, within a large site or campus, placed independently of the property line. When along the prop – erty line, the barrier forms the interface between public and private space, and thus, in an urban setting, it may have major visual and functional i m – pacts on city amenities. If the barrier is within the site, it may have a major impact on the visual appeal of the site and the experience of the ap – proach to the building. A perimeter security design involves two main elements: the perimeter barrier that prevents unauthorized vehicles and pedestrians from en – tering the site, and access control points at which vehicles and pedestrians can be screened and, if necessary, inspected before they pass through the barrier. Barrier system design and types of barriers are described in this chapter. Access control points are described in Chapter 5, Section 5.3, and Chapter 6, Section 6.5, for open and urban sites, respectively. The following are suggested as some of the goals of perimeter security planning: m To provide an appropriate balance between the need to accommodate perimeter security for sensitive buildings and their occupants, and the need to maintain the vitality of the public realm. m To provide security in the context of streetscape enhancement and public realm beautification, rather than as a separate or redundant system of components whose only purpose is security. * Perimeter security design 4-2 m To expand the palette of elements that can gracefully or unobtrusively provide perimeter security in a manner that does not clutter the public realm, while avoiding the monotony of endless lines of jersey barriers or bollards which only evoke defensiveness (see Section 4.6.2 for an example of an innovative unobtrusive security element). m To produce a coherent strategy for deploying specific families of streetscape and security elements in which priority is given to achieving aesthetic continuity along streets, rather than solutions selected solely by the needs of a particular building under the jurisdiction of one owner or agency. m To provide perimeter security in a manner that does not impede the city’s commerce and vitality , nor excessively restrict or impede operational use of sidewalks or pedestrian and vehicular mobility, or impact the health of existing trees. Perimeter protection may participate in all three layers of defense. The first layer applies when the access control is outside the propert y line. The second layer applies when there is controlled access around a building within the property line. The third layer applies to under – ground parking, or parking underneath a plaza (see Chapter 6, Section 6.4). It also applies when the access control is at the building face. Perimeter security protection is accomplished by design strategies that use a variety of methods to protect the site. The two following sections provide some broad guidelines for the design of barrier systems and de – tails of the characteristics of barriers currently in use. 4.2 BArrier system design 4.2.1 issues Of B Arrier systems design t he architecture and the landscaping of the site entry elements are the first part (and may be the only part) of the project that is visible. As such, they introduce the identity of the site and its ar – chitectural style and quality, and impart a sense of welcome or “stay away” (Figure 4-1). Sidewalks should be open and accessible to pedestrians to the greatest e x – tent possible, and security elements should not interfere with circulation, particularly in crowded locations. Perimeter security design 4-3 Issues to be considered in the design of the barrier system include: m To ensure protection to the desired level, the design and selection of barriers should be based directly on the design base threat assessed for the project, as well as available countermeasures and their ability to mitigate risk. m The barrier layout at sidewalks should be such that a constant clear path of 8 feet or 50% of the sidewalk, whichever is the greater, should be maintained. m For buildings with a yard, security elements should be placed in or at the edge of the yard depending on available space and stand-off. m All necessary security elements should be installed to minimize obstruction of the clear path. If it is necessary for space reasons to place elements at the curb they should be placed in an available amenity strip adjacent to most curbs, since this space is already designated for stree t furniture and trees and is not part of the existing clear path. m Any security (or other) object placed on the curb should be at least two feet from the curb line to allow for door opening and to facilitate passenger vehicle pick-up and drop-offs, if this can be done anywhere along the curb. However, the most effective placement is at a maximum of two feet: this allows the barrier to engage the engine block and mass of an approaching vehicle before the tires have impacted the curb and begun to launch it over the barrier. Ideally, drop-off points should be located in pull-over or stopping points where the setback is greatest. At a distance of more than two feet, the curb can become a major factor in barrier height requirements and in reducing their effectiveness. Figure 4-1: c ustom bollards match the architecture at a defended corner. Perimeter security design 4-4 m A bollard barrier system is less intrusive if it is short in length and thoughtfully integrated into the entire perimeter security system. The bollard materials should harmonize with the building architecture. Figure 4-2 shows a small row of bollards protecting a building entrance. The custom-designed stainless steel bollards harmonize well with the building architecture. m Monotonous repetition of a single element should be avoided. Block after block of the same element, no matter how attractive, does not create good design (Figures 4-3 and 4-4). When a continuous line of bollards approaches 100 feet, they should be interspersed with other streetscape elements, such as hardened benches, planters, or trees. Figure 4-2: stainless steel covers on bollards harmonize with the building entrance. Figure 4-3: m onotonous repetition of bollards Perimeter security design 4-5 m Hydraulic barriers, drop arm beams and the complete system including security gatehouses are visually intrusive. Wherever possible, such entr y controls should be located in access roads and service alleys. m The use of a combination of barrier types establishes a flexible desig n palette that responds to security requirements in accordance with diverse perimeter conditions (Figure 4-5). Figure 4-4: these bollards resemble a wall. sOurce: ncPc) Figure 4-5: top: combination of low retaining walls and low bollards. Bottom, left: combination of oversize bollard and large planters placed on very wide sidewalk. Bottom, right: combination of tree and bollards. Perimeter security design 4-6 Opportunities to add a palette of elements, such as varied bollard types , engineered sculptured forms, hardened street furniture, low walls, and judicious landscaping can all assist in creating a functional yet attractive barrier that will enhance the setting. Solutions that integrate a number of appropriate perimeter barriers into the overall site design will be more successful (Figure 4-6). The graphic box following shows varied bollard sizes combined with other elements to reduce the monotony of a long curbside barrier system. Figure 4-6: A combination of barrier types for a variety of threat conditions. Vehicle access to this building is prevented by custom designed bollards, a sculptured concrete barrier, fences and trees sOurce: design: deLLA VALLe + BernHeimer ArcHitects BOLLARD VARIATIONS AS PART OF THE STREETSCAPE small and large bollards, trees and plants. in a few years the trees will dominate the streetscape (right). Bollards, trees, and lamp standards (below). Perimeter security design 4-7 m The placement of barriers at corners, driveways, sally ports, stairs, an d handicapped ramps requires careful attention. m Barriers at the edges of soil slopes need to be investigated carefully. m Corners need creative design, for example, to increase the area to account for pedestrian queuing while interspersing effective barriers that can consist of non-obvious objects, such as traffic signals, signs, lighting, etc. In addition, corners can offer the opportunity to consider barrier design in depth to facilitate pedestrian flow and protection while preventing vehicle entry. Space for several functions are important consid – erations: (1) pedestrians to circulate during the green signal phase, (2) a pedestrian holding area during the red signal phase, (3) vehicles turning the corner, and (4) people joining in the queue at the red signal phase. These space requirements demand that sidewalk corners be kept clear of obstructions. Reduction of corner spac e can lead to people using the roadbed as a waiting area. Sidewalk corners (defined as the space created by extending lines to the edge of the s ide – walk) should be free of objects. No part of a corner curb cut should ha ve any security elements. Wrap-around corners (stretches from the edge of one curb cut to the edge of the adjacent one) at rounded sidewalk cor – ners should not be permitted. m Emergency evacuation and access are important considerations. The primary goal of perimeter security is to provide facilities with a layer of barrier protection. However, the same protection that keeps dangerous vehicles or people away could also keep first responders from approaching the building quickly and enabling people to exit rapidly. m Landscape materials can soften and naturalize the appearance of many types of constructed barriers, improving their appearance and compatibility with the surrounding areas (Figure 4-7). m When possible, position gates and perimeter boundary fences outside the blast vulnerability envelope. m For high-risk buildings, barriers should be provided at site and building entries. Vehicles should not be permitted to park next to the perimeter walls of the secured area. corners can be vulnerable points for vehicle bomb attacks. they are often the area of greatest approach speed, greatest number of approach avenues, and most perpendicular impact. unless they are carefully designed to impede bomb-laden vehicles, it may be possible for an attacker to drive onto the sidewalk and proceed unimpeded to an intended target. Perimeter security design 4-8 m In case of an elevated risk, vehicles can be used as very temporary physical barriers when placed in front of buildings or across access roads, but they are very detrimental to the character of an entry when used as a long-term risk mitigation measure. Case Study 5 describes a large agency complex in Washington, D.C., that features an arcaded crescent that wraps around two sides of the building and encloses an internal garden space. This creative security barrier makes a positive contribution to the urban environment. Figure 4-7: Low and high walls softened with landscaping. CASE STUDY 5: A MAJOR GOVERNMENT BUILDING 1.0 INTRODUCTION this new government building using innovative security barriers is located at the intersection of two major streets in a city’s industrial area that is undergoing urban renewal. the complex is designed to engage the street edges, with an entrance across from a nearby transit center. retail facilities border to the east, while a trellised garden wall to the south animates the street edges in addition to enhancing the perimeter security. Perimeter security design 4-9 CASE STUDY 5: A MAJOR GOVERNMENT BUILDING (continued) 1.1 Project Scope the building program includes general office space, training rooms, lab oratories, a library, an auditorium, underground parking, and auxiliary services. A three-story, planted, arcaded crescent wraps around the north and west boundaries, enclosing an internal garden space. Loading docks and an inspection booth are integrated into the architecture and garden walls. 1.2 Project Team moshe safdie and Associates with OPX Architecture, Associate Architects 1.3 Project Schedule completed in 2007 2.0 DESIGN APPROACH 2.1 Issues Addressed m security needs of a major government building m Limited space in existing urban context 2.2 Security Strategy First Layer of Defense m unusual perimeter arcade, which provides attractive, integrated security m entry controls and screening Second Layer of Defense m Walls with attractive security fencing Third Layer of Defense m Building architecture incorporates risk mitigation measures 3.0 BLENDING WITH THE NEIGHBORHOOD CONTEXT m nice transition from neighborhood low-rise buildings m Arcade and landscaped plaza adds amenity 4.0 INNOVATIONS AND BEST PRACTICES m A mix of barriers and deterrents designed within the context of the site and its surroundings provides multiple layers of protection and creates an amenity for the ne ighborhood m secur ity is part of the aesthetic of the architectural design, an integral component, i nstead of an aftertho ught Perimeter security design 4-10 4.2.2 BArrier crAsh test st AndArds There is a wide variety of design methods and devices that can be used t o provide protection. The site risk analysis (see Chapter 2) will provid e in – formation on the nature of the threat to be mitigated, and the designer needs to know the relative performance of the methods that are available so that appropriate choices can be made for the various conditions that will be encountered. Since this publication is primarily concerned with protecting buildings from bomb-carrying vehicles, effectiveness in stop – ping vehicle entry is a critical performance parameter. The crash testing standard in common use was developed by the Department of State (DOS). To obtain DOS certification, the vehicle bar – rier must be tested by an independent crash test facility to meet DOS standards. The test specifies perpendicular barrier impact by a 15,000 -lb. (6810 kg.) diesel truck. Initially, the DOS standard provided for three levels of intrusion: m Level 3: Allows intrusion of the vehicle 36 inches (0.91 m) into the barrier m Level 2: Allows intrusion of the vehicle 20 feet (6.1 m) into the barrier m Level 1: Allows intrusion of the vehicle 50 feet (15.2 m) into the barrier In February 2003, the standard was revised, and levels 1 and 2 were de – leted. The standard currently provides certification for three classes of protection: Certification Class Speed (mph) Speed (kph) K12 50 mph 80 kph K8 40 mph 65 kph K4 30 mph 48 kph To become certified with a DOS “K” rating, the 15,000-lb. vehicle must achieve one of the K-rating speeds, and the bed of the truck must not penetrate the barrier by more than 36 inches. The test vehicle is a me – dium-duty truck such as those that any driver with a commercial license and a credit card can buy or rent. Note that the amount of intrusion is measured to the front of the cargo bed of the truck, where explosives would typically be located (Figure 4-8). Perimeter security design 4-11 This limited penetration is appropriate for the DOS because their facilities have usually been located in high-density areas with little or no set – back. In open sites with more adequate setback, deeper penetration may be acceptable, and agen – cies, such as the DoD or the DOE, or the private sector, may reinstate deeper penetration levels in the new ASTM standard under development (see below). Where the setback is extremely limited, every foot of penetration is critical. The lack of a universally accepted testing and certification process f or bar – riers has hindered the development of components that are uniquely designed and appropriate for well-planned streetscapes. Typical testing methods today include a computer simulation, using finite-element anal ysis, followed by an actual crash test at a controlled facility. Computer simulations can help refine design details and reduce overall costs. However, the live crash tests are generally needed to verify the performance of the barrier. Oftentimes, security projects are designed under tight deadlines with li m – ited budgets, so that few tested barriers are readily available. The result is that only a limited number of “off-the-shelf” items, such as bollards and concrete barriers, are available, and they may not be appropriate for ev ery location. To prevent such occurrences, the design effort in a major project should include time and money for the design and testing of custom pe – rimeter security elements in the early stages of the planning process. A key aspect of testing an element is the availability of a proper stand ard by which to measure its effectiveness. Until recently, the general standard used was one created by the Department of State for overseas locations, utilized for domestic purposes. The standard does not provide for much flexibility in design. To address this, ASTM International has developed recent experience has shown that terrorists are making increasing use of a “double tap” tactic in which the first vehicle is intended to breach the barrier so that a second vehicle can pass through and get close to the building. careful design and control is necessary to prevent the first or second vehicle from entering the setback area. Figure 4-8: Barrier test intrusion limit. Perimeter security design 4-12 a new standard ( WK 2534, Standard Test Method for Vehicle Crash Testing of Perimeter Barriers and Gates ) to expand upon the DOS crash test standard. To meet the diverse needs of the various groups that will use the new ant i- ram standard, the types of test vehicles and test conditions included in the standard need to be expanded, and longer stopping distances will be re – instated for use on open sites where more space is available for greater stand-off distance. The new standard will include additional vehicle sizes. The smallest will be a uni-body sedan that might be able to slip between bollards that would stop a larger and heavier vehicle, such as a single-unit truck or tractor-trailer. Another vehicle to be considered in the standard is a 3/4-ton (2000 kg) pickup truck. The largest vehicle will be a 60,000-l b. (27 metric ton) tractor-trailer or dump truck, which would test the limits of the barrier. 4.2.3 determining BArrier design criteriA The security design criteria required for a barrier are largely deter – mined by key information obtained in the following steps in the risk assessment process: 1. Threat analysis should provide the following Design Basis Threat (see Chapter 2, Section 2.2.2, Step 1 of the FEMA Risk Assessment Steps) : m Vehicle size, weight, speed. m Bomb size (weapon yield in pounds of TNT equivalent) and worst-case stand-off distance. 2. Vulnerability analysis provides: m Building envelope and structural information that contribute to the determination of the appropriate stand-off distance, and that enable possible tradeoff between alternative building characteristics and stand-off distances to be evaluated and costed. m Information on available stand-off distances. m Information on the possible reduction of vehicle speed through the existing or modified characteristics of approach roads. m Limitations imposed by underground utilities. m Information on the types of soil, which affect barrier standards. Other criteria relating to planning, architectural, and streetscape issues are discussed in the following sections. Perimeter security design 4-13 4.3 BArrier mA teriALs And types 4.3.1 mAteriALs t here are four commonly used building materials for perimeter bar – riers: steel, cast iron, reinforced concrete, and cast stone. Natural materials such as rocks, trees, plants and earth forms may also be incorporated in a barrier system. m Steel or cast iron can be used in almost any design and are usually easier to install than other materials. They are very strong and, compared to concrete, permit a smaller barrier to stop a vehicle. Steel and cast-iron barriers require more maintenance than other materials, such as concrete, and routine painting is necessary to prevent rust. m Reinforced concrete barriers take more time and manpower to install, but require little maintenance and are typically less expensive than steel or cast iron. Because concrete structures are commonly found in urban environments, this material is often more compatible with the surrounding context. Reinforced concrete barriers can be both poured-in-place and precast. m Stone or granite security elements must be larger than steel or reinforced concrete elements and are often used in enclosed earthen walls or as benches. Granite is very durable and attractive, complementing the architecture of many buildings. 4.3.2 BArrier types There are two basic categories of barriers: passive (fixed) and active (operable). Passive barriers are fixed in place, do not allow for vehicle entry, and are used to provide perimeter protection away from vehicle access points. Fo r jurisdictional purposes, they may typically be categorized into four typ es: m Devices placed within the property lines of a building; they are usually not subject to city rules or regulations. m Devices that are installed in the public right-of-way and that are under the jurisdiction of local planning and transportation regulations. m Devices installed in privately maintained and privately owned public spaces (such as plazas built on private property in exchange for floo r area bonuses) are usually under the jurisdiction of the local planning department. Perimeter security design 4-14 m Devices installed on federal and state land are not required to comply with local regulations, although typically federal and state agencies work cooperatively with local departments. Passive barriers include: m Walls, berms, and ha-ha barriers m Engineered planters m Fixed bollards, heavy objects, reinforced street furniture, fixtures, and trees m Water obstacles m Jersey barriers in fixed and anchored installations m Fences These are listed in approximate order of typical impact ratings, with th e highest first. Examples of crash ratings for engineered barriers are g iven in the type descriptions below. Active barriers are used at vehicular access control points within a per im – eter barrier system, or at the entry to specific buildings within a site, such as a parking structure or a parking garage within an occupied building, to provide a barrier for vehicle screening or inspection; they can be op – erated to allow vehicle passage. Catalog items can be obtained with DOS system ratings to resist various levels of impacts. The descriptive term i – nology varies among manufacturers. m Rotating wedge systems m Rising-wedge barricades m Retractable bollards m Crash beams m Crash gates m Surface-mounted wedges and plates These are listed in approximate order of typical impact ratings, with th e highest first. Examples of crash ratings for each type of barrier are given in the type descriptions below. Active barriers are mechanical devices produced by a number of special – ized manufacturers. Examples of each type are illustrated below to show designers their typical characteristics. Active devices must be used in con – junction with signage, light signals, gatehouses and security personnel: Perimeter security design 4-15 these provide a challenging task to design an integrated grouping of ob – jects that are in tune with the building and site. In addition, some innovative barrier systems have been developed in re – sponse to design and cost-related demands. These include both active and passive devices: m The NOGO system m The Tiger Trap m The Turntable 4.4 pAssiVe BArriers 4.4.1 WALLs, excAVA tiOns, Berms, ditches, And hA-hA’s Description, Purpose, and Performance t he hardened (or engineered) wall group includes retaining walls and freestanding walls. These may be constructed of reinforced or mass concrete, concrete masonry, brick, and natural stone, or other materials typically reinforced with steel. Walls may be designed to include sections of perforated walls or discontinuous walls to achieve improved appearance while still satisfying security requirements. Figure 4-9 shows a reinforced concrete barrier wall that incorporates ar t work on its face, and Figure 4-10 shows a barrier wall integral with the building face in an urban site. Figure 4-9: r einforced wall barrier with artwork. sOurce: PHOeniX, AriZOnA, POLice dePArtment , tOdd WHite Perimeter security design 4-16 Walls can be engineered to provide any desired level of performance. It should be noted that concrete can become fragmented by an explo – sion and turn into projectiles that may cause serious damage to life and property. Berms, excavations, and ditches can be effectively used to stop vehicles from penetrating the restricted territory. Triangular ditches and hillside cuts are easy to construct and can be effective against a wide range of ve – hicle types. Side hill cuts are variations of the triangular ditch, adapted to side hill locations, and have the same advantages and limitations. Wi th this type of construction, a vehicle will be trapped when the front end falls into the ditch and the undercarriage is hung up on the leading edg e of the ditch. Although untested, soil and rock can absorb large amounts of kinetic energy. Typical configurations and dimensions are shown in Figure 4-11. Both the configurations and dimensions should be carefull y studied in relation to the types of vehicles expected to be encountered and the desired level of protection. Figure 4-10: reinforced concrete barrier wall with artwork at the scottish Parliament, edinburgh. sOurce: enric, mireLLes, BenedA ttA, t AgLiABue (emBt) And rmJm, JOint -Venture ArcHitects, PHOtO: ducciO mALAgAmBA Perimeter security design 4-17 The ha-ha is a form of barrier that originated for aesthetic purposes in 17th century England. The barrier was used to prevent cattle from wan – dering up to a country mansion, while at the same time the barrier wall was invisible to the house. This strategy has been adapted for use as a se – curity barrier, most notably around the new setting for the Washington Monument. Here it replaces an unsightly circle of Jersey barriers and allows an unimpeded view of its surroundings from the base of the mon – ument. Viewed from outside the site from below, the Jersey barriers are replaced by an elegantly detailed masonry wall. A happy historical refer – ence is that Washington’s home at Mount Vernon used ha-ha’s for their original purpose (Figure 4-12) Figure 4-11: excavations, berms, and ditches. sOurce: AFter dOd HAndBOOK: seLectiOn And APPLicAtiOn OF VeHicLe BArriers, miL-HdBK-1013/14, 1999 Perimeter security design 4-18 Installation Although mass may provide an effective barrier in such walls as heavy masonry installed in a ha-ha, typical concrete walls require heavy rein – forcing. Figure 4-13 shows a typical engineering detail of a low anti-ra m wall and indicates the necessary dimensions and reinforcing for effective performance. Design Implications Unless carefully placed and designed, barrier walls can be intrusive elements. They should, as far as possible, only be used where a wall is es – sential, and where efforts are made by design and materials to reduce th e negative impact. Ha-ha’s are an effective way of providing a non-intrusive barrier that can be integrated into the landscape. Figure 4-12: Top: Ha-ha diagram (sOurce: ncPc). Center left: Jersey barriers at the Washington monument. Center right and bottom: Ha-ha’s at the Washington monument. Perimeter security design 4-19 4.4.2 engineered pLAnters Description, Purpose, and Performance Well-designed planters can form an effective vehicle barrier. Planters located on the surface rely on friction to stop or delay a vehicle, and will be pushed aside by any heavy or fast-moving vehicle; displaced planters may become dangerous projectiles. Engineered planters need considerable reinforcing and below-grade depth to be effective and become fixed elements in the landscape design. The planter shown provides DOS K12 performance (Figure 4-14). Protection may also be enhanced by the use of crash-rated bollards con – cealed in planters (Figure 4-15). Figure 4-13: engineering detail of anti-ram low wall, to illustrate concept only; dimensions and reinforcing will vary. sOurce: dOs Perimeter security design 4-20 Installation Some security guidelines for planter system installation are: m Rectangular planters should be no more than two feet wide, and circular planters should be no more than three feet wide. The horizontal dimension of rectangular planters should not exceed six feet. These, however, are not the best sizes for viable plantings. Figure 4-14: typical engineering detail of reinforced planter with dO s K12 performance, to illustrate concept only; dimensions and reinforcing will vary. sOurce: dOs Figure 4-15: Planter with concealed crash-rated bollards. sOurce: WAusAu tiLe Perimeter security design 4-21 m A maximum distance of four feet, depending on the kind of traffic anticipated, should be maintained between planters and other permanent streetscape elements including, but not limited to, fire hydrants, light poles, mailboxes, trees etc. Any greater distance will allow a small car with a few hundred pounds of explosives to pass through. m Planters should be oriented in a direction parallel to the curb or primary flow of pedestrian traffic. In no case should a planter or line of planters be placed perpendicular to the curb. m Landscaping within planters should be kept below two-and-a-half feet, except when special use requirements call for increased foliage (Figure 4-16). In addition, planters should not have enough vegetation to hide a package six inches thick, a briefcase, or a knapsack. m Planters should contain live landscaping at all times and be regularly cleaned of trash and debris. m Planters should not be used in high pedestrian traffic areas. In these locations, bollards or other less obtrusive objects are appropriate. m Planter design, location, and maintenance should create viable conditions for healthy plants. These include adequate water or irrigation, appropriate soil mixture, and selection of plants appropriate to be grown in planters. Seasonal characteristics and ultimate size of plant material shape the choices. Figure 4-16: Large planters as a barrier. the small planters de-emphasize the scale for the open- air restaurant. despite the large planters, the effective sidewalk width remains wide. Perimeter security design 4-22 Design Implications Planters can have a heavy impact on pedestrian movement, reducing the effective sidewalk width — the portion of the sidewalk that can be ef fec – tively used by pedestrians, defined as the width of the sidewalk minus the width of obstructions and the distance people stay away from them. However, well-designed and placed planters can have multiple functions and be civic amenities. 4.4.3 fixed BOLLArds Description, Purpose, and Performance A bollard is a vehicle barrier consisting of a cylinder, usually made of steel and filled with concrete placed on end in a deep concrete footing in the ground to prevent vehicles from passing, but allowing the entrance of pe – destrians and bicycles. Bollards are also constructed of steel sections and reinforced concrete. An anti-ram bollard system must be designed to ef – fectively arrest the vehicle and its cargo as quickly as possible and no t create an opening for a second vehicle. A typical fixed anti-ram bollard consists of a ½-inch thick steel p ipe, eight inches in diameter projecting about 30 inches above grade and buried about 48 inches in a continuous strip foundation (Figure 4-17). The bollard shown in Figure 4-17 would be capable of stopping a 4,500-lb . vehicle traveling at 30 mph. Rated bollards are also available that woul d provide protection up to DOS K12 level. Figure 4-17: d iagram of typical bollard installation. t o illustrate concept only: dimensions and reinforcing will vary. sOurce: dOs Perimeter security design 4-23 Bollards can be specified with ornamental steel trim attached directly to the bollard or with selected cast sleeves of aluminum, iron, or bronze t hat slip over the crash tube. Bollards can be galvanized against corrosion and fitted with internal illumination for increased visibility. Figure 4-18 shows a number of decorative bollards with high-performance ratings. Bollards may be custom designed for an individual project to harmonize with the materials and form of the building, but to ensure adequate protection, they would need to be tested by an independent laboratory (Figure 4-19). . Figure 4-18: decorative bollards with high-performance ratings. sOurces: tOP LeFt And rigHt: secureusA, inc. BOttOm LeFt: deL tA scientiFic cOrP. Figure 4-19: c ustom-designed steel bollards that match the design of their buildings Perimeter security design 4-24 Commonly used decorative bollards without deep foundations do not have anti-ram capacity, though they may provide some deterrence value by making the building look more protected than it is. Installation The need for bollards to penetrate several feet into the ground may caus e problems with below-ground utilities whose location may not be known with certainty (Figure 4-20). If underground utilities make the installation of conventional bollard foundations too difficult, a possible solution is to use bollards with a wide shallow base and a system of beams below the pavement to provide resis – tance against overturning (Figure 4-21). Figure 4-20: i nstallation of fixed bollard line. note the depth and size of the excavation. sOurce: secureusA, inc. Figure 4-21: example of bollards with a wide shallow base and a system of beams. sOurce: rsA PrOtectiVe tecHnOLOgies Perimeter security design 4-25 Design Implications Bollards are by their nature an intrusion into the streetscape. A bollard system must be very thoughtfully designed, limited in extent and well in – tegrated into the perimeter security design and the streetscape in order to minimize its visual impact The visual impact of bollards can be reduced by limiting height to no more than 2 feet 6 inches. However, the height of the curb and its po – sition relative to the bollard also relates to the bollard height. This and other site specific conditions such as road surface grade, may help to maintain an effective bollard for impact while making the bollard appear visually less obtrusive. In addition, the design basis threat, in terms of ve – hicle size and speed, also influences bollard height. In no case should bollards exceed a height of 38 inches inclusive of any decorative sleeve . A bollard reduces the effective sidewalk width in a pedestrian zone by the width of the curb to bollard (typically 24 inches, plus the width of th e bol – lard). In several high-pedestrian and narrow-sidewalk areas of a central business district, the reduction in effective sidewalk width can prove c ritical. Other bollard system guidelines are: m Spacing between 36 and 48 inches depending on the kind of traffic expected and the needs of pedestrians, people with strollers and wheel chairs and the elderly must be considered. m In long barrier systems, the bollards should be interspersed with other streetscape elements such as hardened benches, light poles, or decorative planters. m They should be kept clear of ADA access ramps and the corner quadrants at streets. m They should be arranged in a linear fashion in which the center of the bollards is parallel to the center line of existing streets. 4.4.4 heAVy OBjects And trees Description, Purpose, and Performance Heavy objects, such as large sculptural objects, massive boulders, eart hen berms or concrete forms with unassailable slopes, and dense planting and trees can be used in a similar way to bollards to prevent vehicles from passing, while allowing the passage of pedestrians and bicycles. To ensure that such barriers can effectively reduce the threat level, engineering de – sign and/or evaluation is necessary. For example existing dense thickets of mature trees can be incorporated into a perimeter system (Figure 4-22) . Perimeter security design 4-26 Specially designed objects that also serve a practical and aesthetic purpose can be used as effective barriers (Figures 4-23, 4-24, 4-25, and 4-26) . Figure 4-23: c ombination low retaining wall and sculptural object as a barrier system. Figure 4-22: g roups of mature palm trees as protection from vehicular intrusion. sOurce: PHOeniX POLice dePArtment , AriZOnA center, rOuse deVeLOPment cO. Perimeter security design 4-27 Figure 4-24: decorative obelisk at the approach to a civic Plaza. sOurce: PHOeniX, AriZOnA, POLice dePt ., tOdd WHite. Figure 4-25: group of engineered sculptured objects as a barrier. sOurce: PHOeniX, AriZOnA, POLice dePt., tOdd WHite. Perimeter security design 4-28 Figure 4-27 shows the use of custom bollards in combination with large rocks. The rocks have symbolic meaning as part of the landscaping of the space but are also engineered barriers. Figure 4-26: An array of rocks form an effective barrier. Figure 4-27: selected rocks and custom bollards as barriers: scale and placement provide nonintrusive security. Perimeter security design 4-29 Installation Objects used as barriers will need varying degrees of embedment and rein – forcement, depending on their weight, footprint, and height/width ratio. Design Implications The use of natural features such as rocks, or man-made objects such as sculpture, provides opportunities for creating barriers that can enhance the visual environment, effectively delineate pathways, clarify public and private space, and provide protection in an unobtrusive manner. 4.4.5 WAter OBst AcLes Description, Purpose, and Performance One of the oldest forms of site security design is that of water. Used in the form of artificial or natural lakes, ponds, rivers, and fountains, wat er can be an effective and beautiful choice for a barrier. The configuration of the channel can be designed as an effective “tank trap,” or walls of the pool or mass of the fountain can be engineered to stop a vehicle. The water can be presented in a variety of ways — flat and smooth or enhanced with movement by falls or fountains. Water features generally require ongoing maintenance with filters, pumps, cleaning, etc. (Figure 4-28). Figure 4-28: this proposal for the re-design of the Washington m onument grounds uses water to create a barrier. the meandering canal is quite beautiful as well as functional. sOurce: micHAeL VAn VAndenBurgH And AssOciA tes Perimeter security design 4-30 An example of a water barrier in an urban setting is also shown in Chapt er 6, Section 6.4, Figure 6-19. 4.4.6 jersey BArriers Description, Purpose, and Performance A Jersey barrier is a standardized precast concrete element originally d e – veloped in the 1940s and 1950s by New Jersey, California, and other states as a median barrier to prevent vehicle crossovers into oncoming traffi c. The New Jersey barrier became the most widely used and gave its name to the generic barrier type. Subsequently, the barrier was widely used for temporary protection in highway and other construction projects, and came into wide use after September 11, 2001, as an anti-ram and traffi c control barrier against terrorist attack. The barriers are not easily adaptable: they come in standard lengths of 12.5 and 20 feet, making their use somewhat inflexible, and they must be carefully installed or they may create undesirable spaces where they overlap, and reduce sidewalks to non-navigable widths (Figure 4-29). Jersey barriers were thought to provide protection through their mass — a 12-foot barrier weighs approximately 5,700 pounds — but if pla ced on the surface, they are ineffective against vehicular attack. To be effec – tive, they need embedment and vertical anchorage by steel reinforcing through the foundation. The Jersey barrier shown in Figure 4-30 is capable of stopping a 4,000-l b. vehicle traveling at 50 mph and a 12,000-lb. vehicle traveling at 25 mph . Note that the barrier is embedded about 12 inches and anchored to the concrete slab with reinforcing bars: in this installation, the barriers essen – tially become permanent (Figure 4-30). Figure 4-29: Jersey barriers: pedestrian disruption at the White House (left) and o n a d.c. street (right). Perimeter security design 4-31 Installation When installed on a sidewalk, a Jersey barrier reduces the effective sid e – walk width by three-and-a-half feet, plus whatever distance it is placed from the curb. Some installations can be dangerous in the event of an emer – gency evacuation, particularly when several barriers are connected witho ut breaks, because there is no easy way for pedestrians to move past them. Design Implications Relatively inexpensive and readily available, Jersey barriers became ubi qui – tous in the protection of public buildings and monuments in Washington, New York, and elsewhere. However, their often awkward placement may degrade the beauty of the urban scene and disrupt access and movement for those on affected streets and sidewalks. Their most effective use is on a temporary basis. 4.4.7 fences Description, Purpose, and Performance Fences are a traditional choice for security barriers, primarily intende d to discourage or delay intruders or serve as a barrier against stand-off weapons (e.g., rocket-propelled grenades) or hand-thrown weapons such as grenades or fire-bombs. Familiar fence types include: m Chain-link m Monumental fences (metal) Figure 4-30: Jersey barrier dimensions and installation for high level of protection. sOurce: dOd HAndBOOK: SELECTION AND APPLICATION OF VEHICLE BARRIERS , miL- HdBK-1013/14, 1999 Perimeter security design 4-32 m Anti-climb (CPTED) fence m Wire (barbed, barbed tape or concertina, triple-standard concertina, tangle-foot) Descriptions of these fence types can be found in FEMA 426, Section 2.4. 1. These fencing types are primarily intended to delay intrusion; they pro – vide limited protection against vehicles unless specially designed to b e crash-rated. Fencing can also incorporate various types of sensing devices that will relay warning of an intruder to security personnel. Concealed intrusion detection systems are also available, incorporating buried field units and sensor cables. Fences can also be constructed as engineered anti-ram systems. A typical solution is to use cable restraints to stop the vehicle: these can be placed at bumper height within the fence, hidden in planting. The cable needs to be held in place using bollards and anchored to the ground at the ends (Figure 4-31). High-security cable fencing is available that can provide protection to the original DOS Standards of providing an L1 rating (20 to 50 feet penetra – tion) or L2 rating (3 to 20 feet penetration). Figure 4-31: Layout of cable barrier, used in conjunction with fence or planting. sOurce: dOd HAndBOOK: seLectiOn And APPLicA tiOn OF VeHicLe BArriers, miL- HdBK-1013/14, 1999 Perimeter security design 4-33 Installation Cable system fences allow considerable deflection before vehicles are stopped; vehicles will be able to partially penetrate the site before re – sistance occurs. The amount of deflection is based upon the distance between the concrete “deadmen” — typically about 200 feet. As a re – sult, the siting requirements for fences and gates that incorporate a cable system differ slightly from other types of walls and fences. The designe r should take this into consideration when these types of systems are bein g considered. Conventional fences with crash ratings can also be provided (Figure 4-32). Design Implications Fences for the protection of property have a long history and have also often been elements of great beauty. Modern fences are governed more by function and cost, but variations of historic fence design have been used as barriers for important historic buildings. The appearance of les s attractive fencing can be improved by planting. 4.4.8 reinf Orced street furniture And fixtures Description, Purpose, and Performance Common streetscape elements can be reinforced to serve as anti-ram barriers. These elements can be designed to be “hardened” so that they function both as amenities and as components of physical building perim – eter security. The structural design, spacing, shape and detailing of the perimeter security components must be designed to address the required Figure 4-32: crash-rated fence. sOurce: Amerist Ar Fence PrOducts inc. Perimeter security design 4-34 level of protection for a particular building. Typical elements that lend themselves to this approach include hardened street furniture, fences or fence walls, plinth walls (low retaining walls), bollards, planters, l ight stan – dards, bus shelters etc (Figure 4-33). Figure 4-33: streetscape elements suitable for hardening as security elements sOurce: ncPc Perimeter security design 4-35 To date, bollards have tended to become ubiquitous as perimeter barrier systems. Security device manufacturers have found sufficient demand to justify development and testing of active and passive bollards. They hav e also responded to design demands by providing decorative covers in a number of materials, which has greatly improved their appearance, but there is need for more variety in barrier system design. This variety ca n be provided by the use of hardened streetscape elements, but this ap – proach has been limited due to the lack of tested and certified exampl es. Development of such elements is important to enable the design of an at – tractive and secure urban environment. An improvised example of this approach, using crash rated bollards concealed between two benches, is shown below ((Figure 4-34). Supplementing bollards with common other reinforced streetscape compo – nents such as lamp standards, bus shelters, and kiosks can assist in rel ating security design to the community context. Such components would need testing to ensure acceptable performance, but the use of custom-designed components would enhance the streetscape and add an additional level of safety to pedestrians against everyday traffic accidents. Some example of these applications are shown in the following graphic boxes. Figure 4-34: Outdoor seating reinforced with hidden bollards. sOurce: secure usA, inc. CUSTOM STREET FURNITURE BARRIERS Perimeter security design 4-36 CUSTOM STREET FURNITURE BARRIERS (continued) Perimeter security design 4-37 An example of a custom-designed streetscape feature is that of reinforce d glass seating that provides a considerable level of protection, looks at – tractive, and can be illuminated to provide additional night protection at locations such as bus stops (Figure 4-35). Figure 4-35: reinforced and illuminated glass bench model. sOurce: rOgers mAr VeL ArcHitects, LLc CUSTOM STREET FURNITURE BARRIERS (continued) Perimeter security design 4-38 4.5 ActiVe BArriers 4.5.1 retrAct ABLe BOLLArds Description, Purpose, and Performance A retractable bollard system consists of one or more rising bollards operating independently or in groups of two or more units. The bollard is a below-ground assembly consisting of a foundation structure and a heavy cylindrical bollard that can be raised or lowered by a buried hydraulic or pneumatic power unit, controlled remotely by a range of access control devices. Manually operated systems are also available: these are counter-balanced and lock in the up or down posi – tion. Typical retractable bollards are 12 to 13 inches in diameter, up to 35 inches high, and are usually mounted about three feet apart, depending on the type of traffic. Figure 4-36 shows typical installations of retractable bollards, with fixed bollards to each side of the retractable array. Figure 4-36: typical retractable bollard systems at a service entry (left) and a parking garage (right). note the fixed bollards to each side of the retractable arrays. Retractable bollards are used in high-traffic entry and exit lanes where vehicle screening is necessary, at site entrances, and at entries to parking garages and building services. Unlike rising or rotating wedge barriers, the entry is freely accessible to pedestrians when the bollards are raised. Normal bollard operating speed is field adjustable and ranges from 3.0 to 10.0 seconds. Emergency operating systems can raise bollards to the guard position from fully down in 1.5 seconds. Retractable bollards are available crash rated up to DOS K12 standard. Perimeter security design 4-39 Installation Retractable bollards are expensive because they need deep and broad ex – cavation for the bollards and operating equipment. Figure 4-37 shows a single bollard installation and the installation requirements for a set of bollards. Figure 4-37: retractable bollard installation section (top) and installation requirements for power and control of a set of bollards (bottom). sOurce: deLtA scientiFic cOrP. Perimeter security design 4-40 m Retractable bollards are a relatively unobtrusive barrier, which need only be raised when screening is necessary, although at a time of heightened threat they can remain in their raised position. A variety of ornamental sleeves can be provided. Retractable bollards are generally accompanied by fixed bollards at the sides, and a secure control booth is necessary for security personnel. 4.5.2 rising Wedge BArriers Description, Purpose, and Performance Wedge barriers, sometimes called rotating plate barriers, consist of a metal plate installed in a roadway that can be raised or lowered by an attenda nt usually located in a booth next to the metal plate, thus regulating vehicle access to the street across which it is installed. These barriers can be crash rated and can effectively stop vehicles. Their primary purpose is to create a restricted area by regulating vehicle access, rather than to block an area from all vehicles. Shallow foundation systems are available rated to DOS K12 standard. Raised height is from about 21 inches to 38 inches, and a standard width is 10 feet. In the retracted position, the heavy steel ra mp will support any permitted road transport vehicle axle loadings. The moving plate is raised and lowered by a hydraulic or pneumatic system (Figure 4-38). Figure 4-38: rising wedge barriers. sOurce: deLtA scientiFic cOrP. Perimeter security design 4-41 Installation Wedge barriers can be surface mounted, or mounted in a shallow excava – tion about 18 inches deep. In the latter installation, the barricade plate is flush with the road surface when retracted. The power unit can be config – ured to operate one or more barricades and can be operated by a range of optional remote control inputs. In surface-mounted installations, all components are mounted above grade; no cutting or excavation is re – quired on good concrete surfaces. Mobile wedge barriers are also available that can be moved into position by a medium-sized pickup truck in 15 minutes. These can form an effec – tive element of a planned temporary barrier to respond to a heightened threat level (Figure 4-39). Design Implications Rising wedge barriers were one of the earliest active barrier systems to be developed. They are somewhat utilitarian in appearance, compared to re – tractable bollards or rotating wedge systems. These barriers effectively restrict vehicular through movement, but care must be taken to ensure that limitations on the passage of screened bic y – cles, cars and emergency vehicles are minimized. Like all active barrier s, mobile wedge barriers must be attended at all times. Figure 4-39: mobile wedge barrier. sOurce: deL tA scientiFic cOrP. Perimeter security design 4-42 4.5.3 rOtAting Wedge systems Description, Purpose, and Performance These systems are similar in action to the rising wedge blocker outlined in Section 4.5.2 but have a curved front face, providing a better appear – ance, and are embedded to a grater depth. The height of the obstacle is between 24 and 28 inches, and a standard width is 10 feet. The obstacle is operated hydraulically by heavy duty rams. Operating time is about three seconds per movement (Figure 4-40). Figure 4-40: typical rotating wedge barrier dimensions and installation requirements. sOurce: deL tA scientiFic cOrP. Installation The pit to receive the system is approximately 5 feet wide, 40 inches de ep, and about 6 inches wider than the width of the obstacle. The hydraulic mechanism can be located up to 50 feet away from the barrier. Design Implications Appearance depends on the layout and design of any accompanying fixed barriers and control booths, the design of operating buttresses, and the color and pattern of the barrier (Figure 4-41). Perimeter security design 4-43 4.5.4 drOp Arm crAsh BeAms Description, Purpose, and Performance Drop-arm crash beams are a greatly strengthened version of barriers fa – miliar at parking garage entries and the like. To create a crash barrier, the assembly consists of a steel crash beam, support and pivot assembly, cast- in-place concrete buttress, and locking and anchoring mechanisms. In addition, crash-rated beams incorporate a high-strength steel cable, whi ch is attached to both buttresses when the arm is in a down position. Clear opening range is from about 10 to 24 feet. The arm is raised and lowered using a hydraulic or pneumatic system, or manually with a counter-bal – anced arm (Figure 4-42). Figure 4-42: drop-arm crash beam. Figure 4-41: rotating wedge installation with typical manufacturer’s jazz pattern (left), rotating plate barrier with stop sign in an elegant font combined with well-designed fixed low bollards (right). Perimeter security design 4-44 While crash-rated drop beams can be obtained, their performance is typ – ically less effective than other active systems, although barriers can b e obtained with a certified K12 performance rating. 4.5.5 crAsh gAtes Description, Purpose, and Performance Crash-rated gates can be obtained that operate without contact with the ground, while others use a rack-and-pinion drive across a V-groove. Swing versions are also available. Clear opening range is from about 12 feet t o 30 feet. Typical heights are 7 feet to 9 feet (Figure 4-43). Crash ratings up to DOS K12 can be obtained. Figure 4-43: typical gate installation (left); sliding gate with K12 crash rating ( right). sOurce: deL tA scientiFic cOrP. 4.5.6 surf Ace-mOunted rOt Ating pLA tes Description, Purpose, and Performance Surface-mounted wedges and plates are modular bolt-down barrier sys – tems in which all components are mounted above grade, and no cutting or excavation is needed on most concrete surfaces. The moving plate or wedge is raised and lowered by a hydraulic, pneumatic or electro-mechan – ical drive. A typical unit incorporates a single buttress with a ramp wi dth of 10 feet and a raised height of 21 to 28 inches. Dual buttress systems have a width of about 18 feet. These systems can be installed quickly an d removed easily. Some systems incorporate a drop arm and traffic lights for additional safety (Figure 4-44). Typical cycle time is three to four seconds with a 1.5 second emergency cycle. High-performance systems are capable of a DOS K4 rating. Perimeter security design 4-45 4.6 innOVAtiVe BArrier systems A fter September 11, 2001, designers outside the traditional security industry began to develop systems that combine func – tionality with better appearance and, in some cases, lower cost. The use of the ha-ha, described in Section 4.4.1, is an example of a tra di – tional barrier imaginatively adapted to meet a contemporary and quite different need. Three innovative systems are described in Section 4.6.1. The NOGO barrier and “TigerTrap” are passive systems, while the “Turn – table” is an active barrier. 4.6.1 the nOgO BArrier Originally designed for the Wall Street area of New York City, the NOGO barrier is an example of a device that provides an effective vehicle bar – rier, while also being visually attractive and useful to lean on, socialize or enjoy a lunch around, and as such makes a positive contribution to the streetscape. The NOGO barrier is part security device and part a public art object and has been exhibited at the New York Museum of Modern Art. While more expensive than bollards, these simple yet subtle bronze forms of a beautiful material provide a lasting benefit to the street scene (Figure 4-45). Combined with the Turntable (see below) the NOGO, can also be part of an active anti-ram system. Figure 4-44: surface-mounted wedges: single buttress with lighting (left); dual buttress with drop arm (right). sOurce: secureusA inc. Perimeter security design 4-46 4.6.2 the tigertrAp The TigerTrap is a collapsible sidewalk and planting system designed to reduce the impact of force protection on public space while maintaining a high level of security. The TigerTrap employs a sub-grade collapsible material, installed below at-grade paving or planting. The installation is designed to withstand pedestrian traffic but fail under the weight of a loaded vehicle. The collapsible material lowers the elevation of an at – tacking vehicle, so that it may be stopped by a low bench or underground foundation wall. The system employs a compressible concrete technology developed as an aircraft arrestor system that is installed at the end of the overrun section of runways, instead of net systems commonly used. The system is designed for use in sites where there is considerable spac e available. The TigerTrap has been crash tested by the U.S. Army Corps of Engineers and has been demonstrated to be approximately equivalent to the DOS K12 standard. The system needs careful design to be effective against design threat ve – hicles without blocking lighter vehicles such as golf carts and motorize d wheel chairs; it needs considerable length to be effective (Figures 4-4 6, 4-47). Figure 4-45: nO gO bronze sculptured barriers. sOurce: rOgers mAr VeL ArcHitects, LLc Perimeter security design 4-47 4.6.3 the turntABLe VehicLe BArrier The Turntable Barrier concept was designed specifically to overcome diffi – culties of installation in an urban environment, by use of a state-of-th e-art technology in operable anti-ram devices, while fostering a positive pede s – trian environment (Figure 4-48). Figure 4-46: the tigertrap concept. sOurce: rOcK 12 security ArcHitecture Figure 4-47: Planting cover layer creates a t igertrap planting with a rear bench. sOurce: rOcK 12 security ArcHitecture Perimeter security design 4-48 The Turntable Vehicle Barrier is a shallow-foundation operable de – vice designed to provide the function of retractable bollards without deep foundations. The foundation requires less than 2 ½ feet of depth , placing the installation above most underground utilities. The turn – table employs a non-hydraulic friction wheel drive system, a proven technology used in rotating structures all over the world that alleviates many of the operational and maintenance difficulties associated with hydraulic devices. The rotational movement, while rapid enough for se – curity purposes, does not pose a pedestrian danger. The turntable is presently undergoing an extensive program of crash testing to obtain certification. The surface of the turntable is designed to accept a paving layer to match surrounding materials, and the impact posts can accept covers of any shape and size, such as architectural metals, walls, or planters (Figure 4-49). Figure 4-48: turntable designed for conditions where security devices do not fit easil y amid the tangle of underground utilities and infrastructure. sOurce: rOcK 12 security ArcHitecture Perimeter security design 4-49 Figure 4-49: shallow depth allows the turntable to avoid underground utilities. impact posts keep the street open to pedestrians (top), and the turntable can accept architectural covers on the impact posts and matching paving to the surrounding roadway (right). sOurce: rOcK 12 security ArcHitecture 4.7 cOncLusiOn t he design of the perimeter barrier system is one of the most im – portant aspects of providing building security. Design practice has evolved rapidly from the hasty installation of Jersey barriers after September 11, 2001, to the more considered designed systems that repre – sent today’s best practice. Today’s best practices often involve imaginative use of both traditional and new concepts and materials, in the attempt to balance the needs of security with those of site amenity and everyday function. They have been developed in response to the perceived shortcomings of initial so – lutions. Too often these solutions, conceived to be temporary, lasted for many years, and some have become all but permanent. To the extent that this has happened, and the visual and functional quality of our en – vironment has been de-humanized, it can be said that the terrorists have gained a victory. Perimeter security design 4-50 Access and egress control points need careful design and location, be – cause they weaken the security of the perimeter. On the other hand, a second point of egress is necessary in case an egress point is shut down by police action, bomb squad activities, or other incidents. The examples in this publication show that imaginative design of barrier systems can provide positive enhancement of the urban environment, by more clearly defining the types of public and private space and by pro – viding city goers with more protection from everyday traffic. Innovation in barrier design is also underway, spurred on by the needs of special situ – ations such as the New York financial district, which is both high risk and historic. The aim should be to develop building protection methods that are unobtrusive elements in a safe and attractive streetscape. security DesiGN for the opeN site 5 5-1 SECURITY DESIGN FOR THE OPEN SITE 5.1 iNtroDuctioN t he main characteristic of an open site, as referred to in this publica – tion, is that it provides significant space for vehicular and pedestri an circulation, parking, and other site related functions between the site perimeter and the project building or buildings. An open site is us u – ally located in a suburban, rural, or semi-rural area. A campus is a lar ge open site that accommodates a multi-building facility, such as a college or university, a medical center, a governmental agency, a private industrial or commercial park, or any similar group of facilities. The security design implications for the open site include aspects such as the amount of land available on the site for stand-off and the inhere nt ability of the site to accommodate the implementation of security design features. It is important to recognize that conflicts sometimes emerge be – tween security design elements and conventional site design. For example , open circulation and common spaces (which are desirable for conven – tional design) may be detrimental to certain aspects of security. Designers must balance good design practices with protection priorities. The central concept when adopting elements of protection is to fulfill the security objectives without disruption to other site requirements. Indee d, the aim should be to adopt security elements that as far as possible pro – vide opportunities to enhance the project overall. The project design should offer an attractive approach to the site and to the building(s) , with a clear hierarchy of entry experiences, and at the same time provide func – tional site services. This chapter describes security protection for an open site in which bui ld – ings that are potential targets are located. It begins by depicting the main elements applicable to the layers of defense, access points, control-of-vehicle angles of approach, gatehouses, and screening; it follows by discussing the security implications of general site design tasks, such as signage, par king, loading docks and service access, physical security lighting, and site utilities. 5.2 LA yers of Defe Nse for the ope N site The general “layers of defense” concept presupposes a spacious site with a vehicular approach to the defended building (see Chapter 3). SECURITY DESIGN FOR THE OPEN SITE 5-2 The defended perimeter may or may not be on the site property line. Each site needs to be evaluated to determine the location and types of barriers for the protected area. Typically, the barrier designates the stand-off distance around the building. If possible, this should not be less than the minimum recommended, and if the site permits, it may be considerably more. Intelligence gathering in this layer of defense is im – portant, and cameras and sensors should be installed at entrances and around the perimeter. Figure 5-1 shows the whole site as an exclusive protected area; the peri m – eter barrier is located on the property line. In the example shown, the on-site parking is within the second layer of defense. Crash-rated elements are used where the site is vulnerable to invasive vehicles. The diagram assumes that the rear of the site is impassible to vehicles; the barrier is lim – ited to a fence to deter intruders, although this could also be a crash- rated barrier. Generous stand-off distances can often be easily achieved. Figure 5-1: Protective barrier located on the property line, to provide required stand-off, with on-site parking within the protected area. An alternative solution is to place the barrier within the site (inside the property line), thus reducing the length of barrier that must be provid ed. The on-site parking is outside the access controlled area and a minimum stand-off distance should still be provided (Figure 5-2). SECURITY DESIGN FOR THE OPEN SITE 5-3 Layers of defense for a campus may take several forms, depending on the threat level for the campus as a whole and the threat level posed by ind i – vidual buildings. The campus in Figure 5-3 shows that in addition to the typical first line of defense outside the property, much of the site may also assume the roles of first and second lines of defense outside a fully pro – tected perimeter, for one or more higher-risk buildings. In this example, the campus may have open access, as in an industrial park, and individual buildings may have varying protection, from min – imal access control to the full three levels of defense around a high-ri sk building. In this latter case the rest of the campus becomes part of the first and second defense layer for the high-risk building. Other variations of campus protection are: m The campus may have limited access control, as in a university that controls access, providing information and parking permits at entry points and a degree of security against normal criminal activity. Specific high-risk buildings on campus may also have the full three layers of defense. Figure 5-2: Protective barrier located within the site, providing minimum stand-off. SECURITY DESIGN FOR THE OPEN SITE 5-4 m The whole campus may be a high-risk site, such as a military installation, a critical industrial facility, or a sensitive government laboratory. This campus would have full perimeter barriers and access control and second layer of defense measures within the perimeter. Some very high-risk individual buildings might also have a third layer of protection provision. Typically, a campus has sufficient acreage to provide the recommended stand-off protection. The exception might be an urban campus in which open space is limited. The precise mix of campus and building protection must be carefully evaluated to arrive at an integrated defense strategy. The remaining parts of this section describe the main security ele – ments for an open site. Most of the measures are relevant for high-risk to medium-risk buildings. These security elements can be imple – mented in conjunction with crime protection through environmental design procedures (CPTED). CPTED employs limited physical design measures that increase territoriality, together with natural surveil – lance and access control that increase the effort needed to commit crime, increase the associated risks of detection to the potential perpetrator, and reduce excuses for lack of compliance and inappro – priate behavior by visitors, residents, or employees. CPTED is outlined in more detail in Appendix A. Figure 5-3: Layers of defense for a campus type site. SOURCE: U.S. aIR FORCE, installation entry control facilities design guide SECURITY DESIGN FOR THE OPEN SITE 5-5 5.3 Access coNtroL poiNts t he objective of the access point is to prevent unauthorized access, while at the same time controlling the rate of entry for vehicles and pedestrians. An access point is a designated area for autho – rized building users: employees, visitors, and service providers. Access points along the defended perimeter are commonly shared between the first and second layers of defense, providing observation of approach , controlled entr y , and queuing areas. Structures such as control booths and equipment such as active barriers, communications, and closed-cir – cuit TV are layered throughout the entry sequence, to provide secured access points. These site features will normally be within the site prop erty line, but the access itself will be from a public roadway and form part of the first defense layer. Detailed guidance on the design of entry control points is provided in U.S. Navy (NAVFAC) publication ITG 03-03, Interim Technical Guidance (ITG) Entry Control Facilities, Atlantic Division, Norfolk, Virginia. The location of access control points and inspection areas should be at sufficient stand-off distance that detonation of a bomb on an uninspec ted vehicle does not impact the closest building and cause lethal damage. Figure 5-4 shows a typical layout of a high-security vehicle entry point and controlled access zone within a protected perimeter. An issue in the design of the entry control point is the orientation of parking at the visitor center and of vehicles at an inspection location. Due to the fragmentation of the axles and engine block caused by an ex – plosion, parking should not be oriented so that the front or rear of the vehicle is pointed toward a nearby building or guardhouse. Figure 5-4: Typical entry control point layout. SOURCE: US aIR FORCE, installation entry control facilities design guide SECURITY DESIGN FOR THE OPEN SITE 5-6 Whenever possible, commercial, service and delivery vehicles should have a designated entry point to the site, preferably away from high- risk buildings. Active perimeter entrances should be designated so that security personnel can maintain full control without creating unneces – sary delays. This can be accomplished by the provision of a sufficient number of entry points to accommodate the peak flow of pedestrians and vehicular traffic, as well as adequate lighting for rapid and effi cient inspection. The number of access points into a site should be minimized because they are a potential source of weakness in the controlled perimeter, and they are costly in construction and personnel. However, at least two controlled access points should be provided in case one is shut down by maintenance, bomb squad activity, or other causes. FEMA 426 , Section 2.5, describes a number of measures that should be considered in the design of entry control points. These are all driven by security needs and are important determinants of site planning. 5.4 co Ntro L of Vehicu LAr A ppro Ach speeD t he threat of vehicular attack can be reduced significantly by con – trolling vehicular speed and removing the opportunity for direct collision with the building. If the vehicle is forced to slow down and impact a barrier at a shallow angle, the impact forces are reduced, and the barrier can be designed to lower performance requirements. The speed of vehicles can be reduced by designing entry roads to sites and buildings so that they do not provide direct or straight- line access that will enable a vehicle to gather speed as it approaches. Moreover, indirect approaches to a building, together with appropriate landscaping and earth forms, can increase the attractiveness of the ap – proach. Framing the sight of the building by landscaping and other ways of controlling the views of the building can add to the aesthetic experiences of the approach. Figure 5-5 shows a portion of a threat vector analysis used to determine the alignment and curvature of access roads to a large facility. Based on this analysis, approaches to the facility can be designed to limit the speed of approaching vehicles. This method also provides opportuni – ties for enhancing the overall urban design of a site and its environs, increasing pedestrian safety. SECURITY DESIGN FOR THE OPEN SITE 5-7 Some specific devices and design methods of reducing vehicle speed are : m Traffic circles m Curved roadways m Speed bumps and speed tables m Raised crosswalks m Pavement treatments m Use of berms, high curbs and trees to prevent vehicles departing the roadway Some of these approaches are shown in Figure 5-6. Speed control approaching gatehouses is also a concern. Some of the devices and design methods listed above can be used when approaching gates. In addition, bollards around the gatehouse can be used to narrow the approach. Truck entrances will require wider lanes that can be handled by either active or removable bollards to limit the opening when trucks are not entering. Reduction of the opportunity for direct collision can be achieved by en – suring that approach roads do not permit head-on impact. If space allows , approaches should be designed that are parallel to the building façad e. Figure 5-5: Portion of threat vector study. The objective is to force the vehicle to impact the barrier at reduced speed and at a shallow angle. SOURCE: ROGERS MaRVEL aRCHITECTS LLC SECURITY DESIGN FOR THE OPEN SITE 5-8 5.5 GAtehouses AND security screeNiNG G atehouse and screening require access control with human in – tervention. Design of the entry control point must accomplish many security-related functions to accommodate traffic, control the approach and direction of vehicles, accommodate queuing, and sup – port the inspection staff. The placement of the control point itself, wi th the associated lanes and gates as well as the guard house and/or visitor center, must balance all these requirements. NAVFAC Publication ITG 03-03, Chapter 3, provides detailed guidelines for the design of gatehouses and associated screening and inspection layouts Figure 5-6: Methods of reducing vehicle approach speed. Small Traffic circle large Traffic circle aT Building enTrance ProvideS indirecT aPProach curved driveway aPProach SECURITY DESIGN FOR THE OPEN SITE 5-9 5.5.1 GAtehouses Guidance for the design of some considerations related to gatehouses in – cludes the following: m Gatehouses should be hardened as determined by the design basis threat and should provide protection from elements. m Gatehouses can be part of an important element for delivery and queuing. m If ID checking is also required between the traffic lanes, some measure of protection against hostile activity should be provided. m Gatehouses, lobbies, and guard posts should be provided with clear views of approaching traffic, both pedestrian and vehicular. m Queuing space for pedestrian visitors to gather as they wait to enter a building is necessary; this may be provided in a screening pavilion for visitors beyond the building entry, which may be at a distance from the main facilities. m Active vehicle crash barriers are necessary to deny entry and to give entry control personnel adequate time to respond to unauthorized activities. The response time is defined as the time required for complete activation of the active vehicle barrier once a threat is detected. The response time includes the time for security personnel to react to a threat and initiate the activation of the barrier system, and the time for the selected barrier to fully deploy and close the roadway. Figures 5-7 and 5-8 show detailed basic layouts for two types of gatehouse and entry barrier systems. Figure 5-7: Features of a typical vehicular entry control post, gatehouse at side. SOURCE: DELT a SCIENTIFIC CORP. SECURITY DESIGN FOR THE OPEN SITE 5-10 These diagrams show typical metal prefabricated gatehouses. Gatehouses designed to harmonize with the building architecture present a more at – tractive image (Figure 5-9) . Figure 5-9: Gatehouses should match the architecture. a simple small building, with fine iron gates, reflects the classical architecture of the main building. Figure 5-8: Features of a typical vehicular entry control post, center gatehouse. SOURCE: DELT a SCIENTIFIC CORP. SECURITY DESIGN FOR THE OPEN SITE 5-11 5.5.2 sALLy ports In very high-risk situations, a double row of barriers is used, creating a sally port. Before 9/11, sally ports were used almost exclusively in cor – rectional institutions. They consist of an enclosure with two electrical ly operated barriers; only one door is allowed to open at any one time. The first barrier opens only after authorized entry is determined: the second barrier is opened after the inspection is completed. This en – sures that a following vehicle cannot “tailgate” the lead vehicle and obtain entry without screening. Figure 5-10 shows a sally port used for vehicular entry. 5.5.3 screeNiNG A t DesiGNAteD iNspectioN AreAs Screening or a designated area of inspection typically starts with an ev al – uation of the anticipated demand for access of vehicles that will requir e inspection. Analyses of traffic origin and destination, the capability of the surrounding road network, including its capacity to handle addi – tional traffic, and the need for possible expansion capacity should th en be performed. These analyses should be coordinated with state and local departments of transportation, departments of public works, and law enforcement. When necessary, inspection areas should be designed to be as incon – spicuous as possible, blending seamlessly into the surrounding context. Figure 5-10: Sally port installation with two active barriers. Note NOGO barriers at the sides (see Section 4.6.1). SECURITY DESIGN FOR THE OPEN SITE 5-12 Appropriate landscape plantings, walls, fences, or creative architectura l details can be helpful. Screening of the inspection areas also helps en – sure that inspection procedures are not easily observed. Adequate space should be provided to perform inspection of pedestrians and/or vehicles without interrupting the normal flow of traffic. When considering access roads and inspections, designers should have in mind the following: m Approaches to the site should be designed to accommodate peak traffic demand without impeding traffic flow in the surrounding road network. m Pull-over lanes at site entry gates should be provided for initial vehicle check prior to allowing access to a site. m Holding or containment areas for screening vehicles should be established outside the secured perimeter that establishes the stand- off distance. The proper placement of these areas is critical to their effectiveness, the functionality of the site, and the overall appearance of the project. m Inspection areas should be large enough to accommodate a minimum of one vehicle and a pull-out lane. They should also be covered and capable of accommodating the inspection of the undercarriage plus overhead inspection equipment. Inspection bays that can be closed to protect inspection equipment and staff in the event of bad weather are ideal. m Parking of vehicles too close to the building should be avoided even after screening. m All available inspection technologies (e.g., above-vehicle and under- vehicle surveillance systems, ion scanning, and x-ray equipment) should be investigated when sizing and designing the inspection areas. m A separate, sheltered structure for pedestrian visitors may be a good solution when lobby space is limited. This also moves screening of small package bombs outside the structure (Figures 5-11, 5-12). SECURITY DESIGN FOR THE OPEN SITE 5-13 For high-security buildings, a final denial barrier after initial scre ening is necessary to stop unauthorized vehicles from entering the site. Most indi – viduals who attempt to enter without authorization are lost, confused, or inattentive, but there are also those whose intent may be to “run the gate.” A properly designed final denial barrier will take into account both g roups, safely stopping the individuals who have made an honest mistake, but pro – viding a properly designed barrier to stop those with hostile intentions . Final denial barrier placement is based on the activation time for weapo n delivery methods and the response time needed for a given scenario. For example, to stop a high-performance vehicle that accelerates from a stop at the ID check, given an 8-second response time, an active barrier shou ld be placed approximately 330 feet from the access control point so that i t can close before the vehicle reaches it. (Figure 5-13). Figure 5-11: Separate screening pavilion for visitors at building entrance. Well-designed structure blends with other site features and maintains character of surrounding context. Figure 5-12: Plan of the screening area. SECURITY DESIGN FOR THE OPEN SITE 5-14 5.6 the site Desi GN tA sK s t he fundamental objective of site planning is to establish the placement of buildings, parking areas, and other necessary structures in such a way as to provide a setting that is function – ally effective as well as aesthetically pleasing. The need for security adds another dimension to the range of issues that must be consid – ered (Figure 5-14). Figure 5-14: a well-designed site is both secure and aesthetically pleasing. Custom bollards, trees and seating create a safe and quiet place on a city plaza. SOURCE: PETER W aLKER aND P aRTNERS Figure 5-13: The final barrier. SECURITY DESIGN FOR THE OPEN SITE 5-15 The following aspects of the building program and layout may impact the security design: m Building footprint(s) relative to total land available. m Building location(s) or, if undeveloped, suitable building location(s) relative to the site perimeter and adjacent land uses, and the available distance between the defended perimeter and improved areas off-site. m Overall size and number of the structures to be placed on site. m Massing and placement of buildings that may impact views, sight lines, and screening. m Access via foot, road, rail, water, and air. m Proximity to fire and police stations, hospitals, shelters, and other critical facilities that could respond to emergency situations. m Presence of natural physical barriers such as water features, dense vegetation, and terrain that could provide access control and/or shielding, or suitability of the site for the incorporation of such features. m Topographic and climatic characteristics that could affect the performance of chemical agents and other weapons. m Management of visibility issues from outside site boundaries, including ensuring that vegetation in proximity to building does not provide the opportunity to screen covert activity. m Ability to limit the number of access/egress points, such as visitor entries, staff entries, and loading docks. m Internal vehicular circulation (driveways, surface parking areas) and pedestrian circulation (sidewalks, tunnels and bridges). m Location of uses and operations within the building, such as high- risk areas that require controlled access and higher levels of security, and their interface with site requirements. SECURITY DESIGN FOR THE OPEN SITE 5-16 5.6.1 site eVALuAtioN, GrADiNG, AND DrAiNAGe In addition to shaping the topography to support buildings and site functions, the site can also be used to control or direct blast away fro m vulnerable structures and to open or block views. The basic grading re – quirements include developing proper elevations for buildings, parking, and roadways, as well as providing positive drainage, tree preservation, and balanced cut and fill. Security impacts and opportunities include: m Surface storm water management areas, whether for detention or retention, that can be designed as site features. Their placement and design could enhance the effectiveness of stand-off zones. Local regulations will define the minimum requirements for these areas. Enhancement may include shaping the basin beyond the storm water management requirements to support appropriate vegetation and wildlife, or providing adjacent walkways and observation areas. Surface water areas may also be designed and placed to limit site access in a discreet manner (Figure 5-15). m Drainage swales that can be carefully located and designed to prevent the use of their lower elevations as hiding places. m Avoidance of low-lying areas that can trap heavier-than-air gas or slow dissipation of chemical and biological agents. Higher elevations are preferred for placement of sheltering in place or evacuation zones. m Earthworks that can be designed to serve as perimeter barriers (see Chapter 4, Section 4.4.1 for more detail) to support security design Figure 5-15: Run-off from a large factory site creates attractive wetlands: the water provides compelling arrival and departure experiences for visitors and employees. Though not intended as a security barrier, it would limit vehicle access from the threat side of the building. SOURCE: MICHaEL V aN V aLKENBURGH aSSOCIa TES, INC. SECURITY DESIGN FOR THE OPEN SITE 5-17 requirements in a number of ways. Earth forms and modifications of the existing topography, such as berms, ha- ha’s, steep slopes, or open water can be shaped to limit access. Such earthworks may be a less expensive solution than structures such as walls or barriers, or may be used in conjunction with them. Earthworks are most effective on large sites that have generous land areas available. 5.6.2 pLAcemeNt of New Bui LDiNG s Building placement and orientation within the site are major consider – ations. The building placement must balance the possibilities for stand- off distances; relationship to adjacent streets and buildings; and siting of util – ities, driveways, and surface parking areas, as well as access to parking garages and loading areas. The site designers should work closely with the building design team to integrate site and building design consideration s. Initial concepts for the placement of the building(s) on the site prov ide the first opportunity to establish adequate stand-off distances and de lin – eate security perimeters. Unless this is a very high-risk site, building placement based on construc – tion and operational efficiencies may well take precedence over optima l security requirements for a rare or non-existent event. 5.6.3 coNtroLLeD Access ZoNes The controlled access zone is one of the key elements when determining an effective placement of a building. Designers may determine if the building to be designed or protected may require an exclusive or non- The soil conditions encompassing the structure and in-ground infrastruct ures should be evaluated because they can influence blast effects. a weak soil (sand or loam) can fail easily but will not propagate blast effects for long distances. Strong soils (clay) or har d rock will not fail as easily, but the blast effects will be felt at longer distances. Similarly, soils affect CBR agent transfer; porous soils could allow lighter-than-air agents to rise to the surface, while dense soil could force the agents to follow the path of utility lifelines, allowing agents to enter the building. The maximum and minimum water table levels within the site relative to t he ground level on each side of the building should be established. Presence of underground wate r can have negative and unexpected effects on underground infrastructure and nearby building s. attenuation of blast pressures in wet soil is much lower than in dry soil. Blast pressures can reflect from the surface of an underground water table and create an undesirable vertically propagating blast wave that will hit the building from the bottom, causing uplift of part or the whole building. SECURITY DESIGN FOR THE OPEN SITE 5-18 exclusive access zone (see Figure 5-16). An exclusive zone is the as a rea surrounding a single building or building complex that is in the exclu – sive control of the owners or occupants : anyone entering an exclusive zone must have a purpose related to the building. A non-exclusive zone may be either a public right-of-way , such as plazas, sidewalks, and streets surrounding a downtown building, or an area related to several buildings , such as an industrial park with open access. It may range from a complet e physical perimeter barrier (full control), to relatively minimal anti-vehicle protection with full pedestrian access, to simply monitoring the perimet er with electronic means. Someone entering a non-exclusive zone could be headed for any building within that area. Figure 5-16: Exclusive and non- exclusive access zones. SOURCE: U.S. aIR FORCE, installation force protection guide Some projects may require control of pedestrians and bicycles. In that case, provision of a walkway and a turnstile for pedestrians (complying with ADA) should be considered. A dedicated bicycle lane may be offered if there is sufficient site population. 5.6.4 cLustere D or Disperse D Bui LDiNG Groups In suburban and rural locations, multiple buildings may be developed on a large site, such as a campus or an office park. Depending on the site characteristics, the occupancy requirements, and other factors, building s may be clustered tightly in one area or dispersed across the site. Both pat – terns have compelling strengths and weaknesses. SECURITY DESIGN FOR THE OPEN SITE 5-19 The concentration of people, property, and operations in one place creates a target-rich environment, and the mere proximity of any one building to any other may increase the risk of collateral impacts. In ad – dition, the potential exists for the establishment of more single-point vulnerabilities in a clustered design than would exist in a more dispers ed pattern. On the other hand, grouping high-risk activities, concentrations of per – sonnel, and critical functions into a cluster can help maximize stand-of f from the perimeter and create a more effective “defensible space.” This also helps to reduce the number of access and surveillance points and minimize the size of the perimeter needed to protect the facilities. By contrast, the dispersal of buildings, people, and operations across the site reduces the risk that an attack on any one part of the site will im pact other parts. However, this can also have a functional or social isolating effect, reduce the effectiveness of on-site surveillance, increase the com – plexity of security systems and emergency response, and create a less defensible space (Figure 5-17). Figure 5-17: Clustered facilities (left) and dispersed facilities (right). SOURCE: U.S. aIR FORCE, installation force protection guide 5.6.5 orieNtAtioN Orientation or the physical positioning of a building can be a major determinant of security. For the purpose of this manual, the term “ori – entation” refers to three distinct characteristics: a building’s spatial SECURITY DESIGN FOR THE OPEN SITE 5-20 relationship to the site, its orientation relative to the sun, and its v ertical or horizontal aspect relative to the ground. A structure’s orientation rel – ative to its surroundings defines its relationship to that area. In ae sthetic terms, a building can “open up” to the area or turn its back; it c an be in – viting to those outside, or it can “hunker down” defensively. A structure’s orientation in relation to prevailing winds may also be an issue if the pos – sibility of a CBR attack is being considered. By optimizing the positioning of the building relative to the sun, climate control and lighting requirements can be met while reducing power con – sumption. Similarly, the use of light shelves, skylights, clerestories, and atria can help meet illumination requirements while reducing energy usage. However, these energy conservation techniques present some important security considerations. For example, although natural ven – tilation is an effective and time-tested technique for efficiently coo ling buildings, the use of unfiltered outside air presents a major vulnerab ility to aerosolized CBR agents and to accidental releases of hazardous mate – rials. Additionally, awnings may become projectiles in a blast event, and the construction of operable windows may not be as blast-resistant as th e frames of fixed windows. 5.6.6 siGht LiNes The siting of the building should carefully consider what can be ob – served from areas beyond the project’s control. The design should maximize opportunities for internal surveillance of site perimeters and screening of internal areas from external observation. Topography, rel – ative elevation, walls, and fences are design elements that can open and close views. Vegetation can also open or block views, not only for secu – rity purposes but also to provide beauty and support way-finding. As a rule of thumb, vegetation should be very high or low, to keep views open. Vegetation at the base of buildings and structures should be de – signed and maintained to prevent people – or explosives – from bei ng hidden from view. Building form, placement, and landscaping inherently define the “ lines of sight ” in a space, and management of the threat of hostile surveil – lance is a consideration in the protection of people, property, and operations. Denying aggressors a “line of sight” to a potential ta rget, either from on or off site, increases the ability to protect sensitive i nfor – mation and operations from aggressors using direct (sighted) stand-off weapons. In addition to the use of various screening options, anti-sur – veillance measures (e.g., building orientation, landscaping, screening features, and landforms) can also be used to block sight lines (Figures 5-18 and 5-19). SECURITY DESIGN FOR THE OPEN SITE 5-21 Figure 5-19: Trees and screens block sight lines into the site. SOURCE: U.S. aIR FORCE, installation force protection guide Depending on the circumstances, landforms such as berms can be either beneficial or detrimental to anti-surveillance. Elevated sites may enhance surveillance of the surrounding area from inside the facility, but may also allow observation of on-site areas by adversaries. Buildings should not be sited immediately adjacent to higher surrounding terrain; unsecured buildings owned by unfamiliar parties; or vegetation, drainage channels, ditches, ridges, or culverts that can provide concealment. For high-risk buildings, it may be necessary to provide additional protec – tion by creating a clear zone immediately adjacent to the structure that is free of all visual obstructions or landscaping that might hide packages (Figure 5-20). Thus only very low or high planting may be admissible. Figure 5-18: Building exposed to view from high adjacent building; screen blocks view out from protected building. SOURCE: U.S. aIR FORCE, installation force protection guide SECURITY DESIGN FOR THE OPEN SITE 5-22 The clear zone facilitates monitoring of the immediate vicinity and visual detection of attack (and the approach of everyday criminals). Walkways and other circulation features within a clear zone should be located so that buildings do not block views of pedestrians and vehicles. If clear zones are implemented, it may be necessary to implement other anti-sur – veillance measures. Figure 5-20: Clear zone with unobstructed views. SOURCE: U.S. aIR FORCE, installation entry control facilities design guide 5.7 siGNAGe s igns for vehicular and pedestrian circulation are an important element of security. They can clarify entries and routes for pedes – trians, staff, visitors, deliveries, and service, each with differing functional objectives and security requirements to be satisfied. Signage can be designed to keep intruders out of restricted areas, but inadequat e signage can create confusion and defeat its primary purpose. Confusion over site circulation, parking, and entrance locations can contribute to a loss of site security. Unless required, signs should not identify sensitive areas. Signs should be vprovided off-site and at entrances. A comprehensive signage plan should include the following: m Provision of signage for each entry control point. m Entry control procedures signs that explain current entry procedures for drivers and pedestrians. SECURITY DESIGN FOR THE OPEN SITE 5-23 m Traffic regulatory and directional signs that control traffic flow and direct vehicles to specific appropriate points. m Consideration of use of street addresses or building numbers instead of detailed descriptive information inside the site. m Minimization of the number of signs identifying high-risk buildings. m Location of clear warning signs to ensure that possible intruders are aware of restricted entry areas. m Minimization of signs identifying critical utility complexes (e.g., pow er plants and water treatment plants). m Post clear signs to minimize accidental entry by unauthorized personnel into critical asset areas. m Location of bilingual (or more) warning signs should be used in areas where two or more languages are commonly spoken. The wording on the signs should denote warning of a restricted area. The signs should be posted at intervals of no more than 100 feet and should not be mounted on fences equipped with intrusion-detection equipment. Additionally, the warning signs should be posted at all entrances to limited, controlled and exclusion areas. m Location of variable message signs that give information on special events and visitors far inside site perimeters. 5.8 pArKiNG p arking is the transitional interface between vehicular and pedes – trian systems. These areas must be designed to accommodate both modes of transportation, safely, effectively, and in keeping with the overall site design strategy. There are five characteristic methods of providing parking spaces for staff, visitors, residents, and others: m Public on-street parking lanes m Surface parking lots m Free-standing parking structures m Underground parking structures m Parking within occupied buildings SECURITY DESIGN FOR THE OPEN SITE 5-24 Parking on open sites is typically accommodated by surface parking lots and/or parking structures. Parking within buildings or in underground parking structures is common in the central business district and is dis – cussed in Chapter 6, Section 6.7. On-street parking lanes may occur on any site but are particularly characteristic of urban areas and are also dis – cussed in Chapter 6. All parking in an open site should preferrably be located outside the stand-off zone for high-risk buildings. Control may be necessary at the entry parking in non-exclusive zones for regulation and fee collection. If the site has a perimeter barrier, authorization to enter the site and any necessary inspection can take place at entry control points, minimizing the need for additional control at parking structures. For high and moderate risk structures warning signs that are easy to un – derstand should be installed along the physical barriers and at each ent ry. An important design goal is the development of an efficient layout of the parking spaces and provision of an internal circulation that has cle ar paths for pedestrians and vehicles. Parking restrictions can help to kee p potential threats away from a building. Operational measures may also be necessary to inspect or screen vehicles entering parking areas. The following considerations may help designers to implement sound parking measures for buildings that may be at high risk: m Only permit parking by inspected vehicles within the stand-off zones and avoid or limit drop-off zones. m Provide appropriate setback from parking to the protected building. Structural hardening may be required if the stand-off is insufficient. In new designs, it may be possible to adjust the location of the building on the site to provide adequate setback from adjacent properties. m If possible, locate unexpected visitor or general public parking near, but not on, the site itself, or outside the stand-off zone. m Locate vehicle parking away from high-risk buildings to minimize collateral blast effects from potential vehicle bombs. m Locate general parking in areas that present the fewest security risks to personnel. m If possible, design the parking lot with one-way circulation to facilitate monitoring for potential aggressors. SECURITY DESIGN FOR THE OPEN SITE 5-25 m Locate parking within view of occupied buildings. Use carefully chosen plantings around parking structures and parking lots to permit observation of pedestrians while at the same time reducing the visual impact of automobiles. Topography, existing conditions, or aesthetic objectives may make this difficult or undesirable to achieve, and closed-circuit TV surveillance cameras may substituted. m For all stand-alone, above ground parking structures, maximize visibility for surveillance into, out of, and across the garage. m Do not permit uninspected vehicles to park within the exclusive zone or in the second layer of defense. Parking within the building is highly undesirable, but if it cannot be avoided the following restrictions may be applied: m Visitor parking with ID check m Company vehicles and employees of the building only m Employees or visitors with special needs, e.g. handicapped m Proper credentials for all passengers and full vehicle inspection m Restrict parking between individual buildings. m When establishing parking areas, provide emergency communication systems (e.g., intercom, telephones, etc.) at readily identified, we ll- lighted, closed-circuit television-monitored locations to permit direct contact with security personnel. m Provide parking lots with closed-circuit television cameras connected to the security system and adequate lighting capable of displaying and videotaping lot activity. In parking structures the following should be avoided: m Employ express or non-parking ramps, sending the user to parking on flat surfaces. m Avoid dead-end parking areas as well as nooks and crannies. SECURITY DESIGN FOR THE OPEN SITE 5-26 5.9 Lo AD iNG D ocKs AND serVice Access L oading docks and service access areas are commonly required for buildings and are typically desired to be kept as invisible as pos – sible. For this reason, special attention should be devoted to these service areas in order to avoid undesirable intruders. Designers should give consideration to the following: m Provide for screening in an inspection area, either off-site or a significant distance away from the loading dock, before permitting entrance to the loading dock. m Separate (by at least 50 feet) loading docks and shipping and receiving areas in any direction from utility rooms, utility mains, and service entrances, including electrical, telephone/data, fire detection/alarm systems, fire suppression water mains, cooling and heating mains, etc. m Avoid having driveways within or under buildings. m Provide signage to clearly mark separate entries for deliveries m Significant structural damage to the walls and ceiling of the loading dock may be tolerable as long as the areas adjacent to the loading dock do not experience severe structural damage or collapse. This can be achieved by the provision of adequate structural design that limits damage to the loading dock area and allows explosive forces to vent to the building exterior. The floor of the loading dock does not need to be designed for blast resistance if the area below is not occupied and/ or does not contain critical utilities. 5.10 physicAL security LiGhtiNG s ecurity lighting should be provided for overall site, building, and perimeter illumination to allow security personnel to maintain vi – sual-assessment during darkness. It may provide both a real and psychological deterrent for continuous or periodic observation. Lighting is relatively inexpensive to maintain and may decrease the need for secu – rity personnel by reducing opportunities for concealment and surprise by potential attackers. Lighting is particularly desirable for sensitive ar eas of a site such as pier and dock areas, vital buildings, storage areas, and vul – nerable control points in communications, power, and water distribution systems. It facilitates detection of unauthorized personnel and makes th e job of an attacker more difficult. SECURITY DESIGN FOR THE OPEN SITE 5-27 At entry control points, a minimum surface lighting average of 4 hori – zontal foot-candles will help ensure adequate lighting for pedestrians, islands, and guards. Where practical, high-mast lighting is recommended, because it gives a broader, more natural light distribution, requires fewer poles (less hazardous to the driver), and is more aesthetically pleasi ng than standard lighting. Lighting of the entry control point should give drivers a clear view of the gatehouse and, for security personnel, a clear view of vehicles in the area. The type of site lighting system used depends on the overall requirement s of the site and the building. Four types of lighting are used for securi ty lighting systems: m Continuous lighting is the most common security lighting system. It consists of a series of fixed lights arranged to flood a given ar ea continuously during darkness with overlapping cones of light. Two primary methods of using continuous lighting are glare projection and controlled lighting: m The glare projection security lighting method lights the area surrounding a controlled area with high-intensity lighting. It is a strong deterrent to a potential intruder because it makes him or her very visible, while making it difficult to see inside the secure area. Guards are protected by being kept in comparative darkness while being able to observe intruders at a considerable distance. This method should not be used when the glare of lights directed across the surrounding territory could annoy or interfere with adjacent operations. m Controlled lighting is best when there are limits to the lighted area outside the perimeter, such as along highways. In controlled lighting, the width of the lighted strip is controlled and adjusted to fit the particular need. This method of lighting may illuminate or silhouette security personnel. m Standby lighting has a layout similar to continuous lighting; however, the lights are not continuously lit, but are either automatically or manually turned on when suspicious activity is detected or suspected by security personnel or alarm systems. m Movable lighting consists of manually operated, movable searchlights that may be lit during hours of darkness or as needed. The system normally is used to supplement continuous or standby lighting. Movable lighting is also used to assist in vehicle inspection in temporary and permanent vehicle inspection areas. SECURITY DESIGN FOR THE OPEN SITE 5-28 m Emergency lighting is a backup power system of lighting that may duplicate any or all of the above systems. Its use is limited to times o f power failure or other emergencies that render the normal system inoperative. It depends on an alternative power source, such as installed or portable generators or batteries. Emergency backup power for security lighting should be considered. 5.11 chemic AL, BioLo Gic AL, AND rADioLoGicAL issues A major concern is the vulnerability of buildings to CBR threats. The following discussion is limited to those aspects of pro – tection against CBR that concern site design and building placement. Issues relating to urban sites are covered in Chapter 6, Sec – tion 6.10. A more complete outline of the nature of the CBR threat and the protective measures and actions to safeguard buildings is provided i n FEMA 426, Reference Manual to Mitigate Terrorist Attacks Against Buildings , Chapter 5, Sections 5.1-5.7. The main protective measures against CBR are: m Evacuation m Sheltering in place m Air filtration and pressurization m Exhaustion and purging m Personal protective equipment Of these measures, evacuation may affect planning for a large open site because of provisions needed for assembly and staging. Provision for she l – tering in place is an aspect of building design, while air filtering and exhaustion are related to the building heating, ventilating and cooling (HVAC) system. Because in the urban situation, air intakes may be situ – ated adjacent to a public sidewalk, location and protection of intakes i s important. Personal protection refers to equipment such as respirators, escape hoods, CBR detectors, decontamination equipment, etc., which would be used by trained personnel. CBR releases have two components – terrorism and hazardous materials (industrial accidents). Terrorism has a lower likelihood but a higher con – sequence, involving high concentrations of a contaminant agent targeted against a specific site or building. Hazardous material accidents are the opposite – higher likelihood but somewhat lower consequence – due to probable lower concentrations and doses (accumulated concentrations over time), since the building or site is not directly targeted. SECURITY DESIGN FOR THE OPEN SITE 5-29 Hazards that originate outdoors are typically less severe than airborne hazards that originate indoors. Even without special protective systems, buildings can provide protection in varying degrees against airborne haz – ards that originate outdoors. For indoor hazards, the building HVAC systems are of particular concern because they can become an entry point and distribution system for contaminants. Because buildings allow only a limited exchange of air between indoors and outdoors, not only can higher concentrations occur when there is a release inside, but hazards may also persist longer indoors. Three aspects of site planning and design have a bearing on CBR protecti on: m Placement and orientation of a new building should take into account prevailing winds, although the actual wind direction and speed at the time of an outdoor release will directly affect the building. m The surrounding terrain may result in channeling a CBR release towards the site and building. m Building elevation is relevant, because heavier-than-air contaminants will have greater impacts upon low-lying areas, as the agent hugs the ground as it disperses. Thus, since most CBR agents are heavier than air, raising air intakes on buildings is the most beneficial action to ta ke. Lighter-than-air CBR agents would be of greater concern if the pre – vailing wind directed the agent to the air intakes (in a similar manner to reflected blast pressure on the face of a building), and the air i ntakes pulled the agent into the building because the HVAC equipment was still operating. Placing the air intakes on the side away from the prevailing wind should reduce the agent uptake into the building, since the wind clears the agent around the building and the intakes are somewhere sheltered against the wind. 5.11.1 stAGiNG AreAs for cBr eVAcuA tioN A CBR event may be such that no building occupants are affected or contaminated, but it is necessary to evacuate the building to prevent possible spread and to decontaminate affected areas. Following a CBR event that results in casualties (injuries or deaths) it is imperative that ev – eryone who is in the building be decontaminated for medical treatment, whether on-site or in a hospital, so that ambulances will not require ex – tensive decontamination later. For the latter type of building evacuation, it is important to designate as – sembly and staging areas where personnel should gather after evacuation. Pre-event planning should designate, if possible, four assembly points (one for each side of the building, so that wind conditions can be acco m – SECURITY DESIGN FOR THE OPEN SITE 5-30 modated). After the attack, the assembly area should be selected. A hea d count should be taken, and a method for accounting for non-employees, such as visitors and suppliers, should also be established. The assembly and staging areas must accommodate a number of func – tions. Some of the characteristics and requirements of a staging area ar e noted below. A full description of the procedures involved after an attack and the requirements for the staging area are provided in FEMA 453, Safe Rooms and Shelters, Protecting People Against Terrorist Attacks , Sections 1-9 and 1-10. The following is a brief outline of some of the considerations . The assembly area is divided into three containment zones: m Hot Zone – the area where the agent or contaminant is in high concentration and high exposure, typically an ellipse or cone extending downwind from the release. m Warm Zone – the area where the agent or contaminant is in low concentration or minimal exposure, typically a half circle in the above- wind direction. m Cold Zone – those areas outside the hot and warm zones that have not been exposed to the agent or contaminant. Figure 5-21 shows the characteristics of an assembly area capable of dealing with a large-scale event, perhaps occurring on a large campus-type site. Some consideration should be given in the site planning and design for how such an area would be accommodated. In this diagram, the dimensions shown are illustrative only and would vary for the nature and size of the event, the number of casualties, and the topography and size of the site . After a CBR attack, occupants leaving a shelter must go through several staging areas to ensure that any CBR contamination not be spread across a larger geographical area. To control the potential spread of a CBR agent and ensure the safety of the victims and first responders, several staging areas and designated entry and access points for three key zones would be established. These are: m Patients staging area (PSA). The PSA is located in the cold zone and is the transfer point for victims who have been stabilized for transport to higher care medical facilities or for fatalities to be transported to morgue facilities. The PSA must be large enough to accommodate helicopter operations and a large number of ambulances. m Contamination control areas (CCA). The CCA is located on the boundary of the cold and warm zones and is used by the rescue and decontamination personnel to enter and exit the warm zone. Mass casualty decontamination occurs in the warm zone. SECURITY DESIGN FOR THE OPEN SITE 5-31 m Safe refuge area (SRA). The SRA is located in the warm zone and is used to assemble survivors and witnesses who are not injured and will require minimal medical attention and decontamination. Law enforcement and FBI agents can conduct interviews and gather evidence at the SRA. Figure 5-21 also shows the location of the casualty collection point (C CP). The CCP is located in the warm zone and will typically have three pro – cessing stations, as shown in Figure 5-21. Figure 5-21: Containment zones and staging areas. SOURCE: FEMa 453 SECURITY DESIGN FOR THE OPEN SITE 5-32 5.12 iNfrAstructure AND site utiLities In-ground infrastructure can be any of the following: m Standard utility lifelines such as water, gas, steam, sewer, storm water, electric communications, etc. m Any structure that can be used by persons, such as subway tunnels, stations, large sewer or water tunnels, or pipes. m Ventilation shafts supplying either the building or the in-ground infrastructure. These infrastructure systems should be protected at the site level, wher e they support operations, buildings, their occupants, and other assets. These systems have vulnerability throughout the three layers of defense, in the public or private rights-of-way (ROW), at the entries to and wi thin the property, and at the entry to the building. Failure of part of the on-site infrastructure, such as tunnels and utili ty cor – ridors that are in close proximity or attached to the building, may impa ct the structural system, and the failure of one system may initiate failur e of the other. At the outset of design, it is important to identify accurately how close the utility lines are to the building and how far (vertically and horizonta lly) they are in-ground or above ground. Following are key issues in relation to site utilities and infrastructur e. m Based upon the size of a lifeline, such as a large sewer system, access to the site or building may be possible and, based on the size of the utility service entrance to the building, intruders or CBR agents may be able to enter the building. Large entrances should be secured against unauthorized access. m On-site infrastructure may be connected to the building by passageways, subways, tunnels, connecting stairways, entrance/exit portals, ventilation shafts, and direct connections from utility lifelin es. m Nearby on-site lifelines that are not connected to the building, such as a natural gas pipeline, may still pose a threat. SECURITY DESIGN FOR THE OPEN SITE 5-33 m Redundant sources of supply and any on-site storage needs, e.g., water storage (for domestic and industrial use or fire suppression), fuel storage, and on-site generators, should be identified. Each utility system’s requirements for siting, redundancy, and safety should be addressed. m Transformers and switchgear should be protected and secured with fences or protective structures. Utility areas in non-exclusive zones (such as water sources, transformer banks, commercial power and fuel connections, and heating and power plants) are often required to have perimeter barriers for health and safety reasons; these barriers may need to be enhanced for high-risk security locations. m All utility penetrations of a site’s perimeter barrier, including penetrations in fences, walls, or other perimeter structures, should be sealed or secured to eliminate openings large enough for persons to pass through the barrier. Typical penetrations could be for storm sewers, water, electricity, or other site utility services. m If access is required for maintenance of utilities, penetrations should be secured with screening, grating, latticework, or other similar devices so that openings do not allow intruder access. Provide intrusion detection sensors and consider overt or covert visual surveillance systems, if warranted by the sensitivity of assets requiring protection. m Protect drainage ditches, culverts, vents, ducts, and other openings that pass through a perimeter and that have a cross-sectional area greater than 96 square inches and whose smallest dimension is greater than 6 inches by securely fastened welded bar grilles. As an alternative, drainage structures may be constructed of multiple pipes, with each pipe having a diameter of 10 inches or less. Multiple pipes of this diameter may also be placed and secured in the inflow end of a drainage culvert to prevent intrusion into the area. Ensure that any addition of grills or pipes to culverts or other drainage structures be coordinated with the engineers, so that they can compensate for the diminished flow capacity and additional maintenance that will result from the installation. m Secure manhole covers 10 inches or more in diameter. They may be secured with locks and hasps, by welding them shut, or by appropriate bolting to their frames. Ensure that hasps, locks, and bolts are made of materials that resist corrosion. Keyed bolts (which make removal by unauthorized personnel more difficult) are also available. If very high security is required, manhole covers that resist shattering after being artificially “frozen” by an aggressor should be considered. SECURITY DESIGN FOR THE OPEN SITE 5-34 m .Prepare vulnerability assessments for all utility services to the site, including all utility lines, storm sewers, gas transmission lines, electricity transmission lines, and other utilities that may cross the s ite perimeter. m Locate on-site petroleum, oil, and lubricant storage tanks and operations buildings down slope from all other buildings. Site fuel tanks at an elevation lower than operational buildings or utility plants . Locate fuel storage tanks at least 100 feet from buildings. m Provide on-site utility systems that support site security, life safety, and rescue functions with redundant or loop service, particularly in the case of electrical systems. Where more than one source or service is not currently available, provisions should be made for future connections. m Where redundant utilities are required in accordance with other requirements or criteria, ensure that they are not collocated or do not run in the same chases. This minimizes the possibility that both sets of utilities will be adversely affected by a single event. m Decentralize a site’s communications resources when possible; the use of multiple communications networks will strengthen the communications system’s ability to withstand the effects of a terrorist attack. m Where emergency backup systems are required, ensure that they are located away from the systems components for which they provide backup. 5.13 LAND scApi NG – pLAN t se Lectio N AND DesiGN Landscape design uses a palette of living materials that respond to sea – sonal changes in climate and change in size and mass over time. (Figure 5-22). Selection of appropriate plant materials for security is an important ta sk. Security plantings often suffer from harsh environmental conditions, suc h as limited watering, undersized planting areas and beds, compacted soils , and runoff of chemicals from roads and sidewalks. These conditions are not conducive to healthy plants. SECURITY DESIGN FOR THE OPEN SITE 5-35 Following are some considerations for the use of planting for security, m When a living landscape is installed with a security function, it needs to be well maintained to support its continued health and effectiveness. m Planting can be effectively used to soften and enhance the sometimes stark appearance of barrier walls, planters, and other security elements (Figures 5-23, 5-24). Figure 5-22: Plant materials can provide shading for buildings, parking, walkways, and outdoor use areas; bring enhancement to buildings and plazas; and mark the seasons with their varied colors and forms. SECURITY DESIGN FOR THE OPEN SITE 5-36 m Planting can be used as a perimeter barrier in the form of thorny hedges and dense hedgerows. However, this approach is not always acceptable to security specialists due to the potential for plants to di e, and possible maintenance problems versus the greater permanence of structural solutions. m Choice of plant material with the ultimate size and maintenance requirements in mind must ensure that plants do not ultimately block important sight lines or create hiding places. In general, plants near buildings should be high to keep sight lines open. Low planting adjacent to buildings may be admissible, but its height and density should not provide hiding places for people or packages or isolated areas that are not easily observed (Figure 5-25). Figure 5-23: Use of planting to soften and enhance the appearance of walls and other security elements at the Seattle Courthouse. SOURCE: PETER WaLKER aND PaRTNERS Figure 5-24: Use of planting in conjunction with perimeter barriers, Seattle Courthouse. SOURCE: PETER W aLKER aND PaRTNERS SECURITY DESIGN FOR THE OPEN SITE 5-37 m Conflicts may occur between planting areas and underground utilities. Below-ground conditions should be accurately identified before landscape design is commenced; understand underground conditions to avoid potential problems (Figure 5-26). Figure 5-25: Planting design with high foliage to keep ground level sight lines open but close off other sight lines into building. SOURCE: NCPC Figure 5-26: Relationship between security elements and underground conditions. SOURCE: EDaW, INC. SECURITY DESIGN FOR THE OPEN SITE 5-38 5.14 coNcLusioN A ddressing security as an integral part of site design helps to maintain the character of the site and enhance its relationship to the surrounding neighborhood. Careful building placement and acknowledgment of the importance of sight lines will help to ensure a successful design. It is important to treat security design as a piece of a larger urban pl an for the site. By incorporating security features that serve more than one purpose, the design can enhance the everyday security at the site while protecting against possible terrorist activity. The layers of defense provide a logical structure for design development , influencing patterns of circulation and selection of plant materials a nd fostering creative lighting techniques to form a functional, aesthetic, and secure site. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6 6-1 SECURITY FOR CENTRAL BUSINESS DISTRICTS 6.1 INTRODUCTION F or this publication, a central business district and downtown are terms referring to the commercial heart of a city. The events fol- lowing the attacks in New York City on September 11, 2001, are recorded as among the worst building disasters in history and resulted in the largest loss of life from any single building collapse in the United States. Since the attacks of September 11, 2001, many security measures were installed in the central business district in New York City. In some cases these installations have been considered successful from a security, ar – chitectural, urban planning, and cultural preservation standpoint. In other cases, however, the installation of security barriers has had a det- rimental effect. For example, the placement of physical barriers has caused unnecessary interruptions on streets and sidewalks. In many cases, it has minimized the efficiency of pedestrian and vehicle circu la- tion systems, and potentially prevented the access of first responders in case of an emergency. If national security concerns continue, the need for barrier systems of various kinds may increase as our major cities continue to grow. However efficient pedestrian and vehicle circula- tion systems are also important for day-to-day living, and are critical for emergency response, evacuation, and egress. This chapter focuses on providing security for typical central business district sites, in which space is limited and many of the measures appli – cable to open sites cannot be implemented. 6.2 LAYERS OF DEFENSE AND URBAN SITE TYPES A lthough the layers of defense for a central business district are very compressed, the general principles still apply. The layers may be narrow and some layers of defense may share the same space. As will be shown, in the zero setback site, the second layer of defense ceases to exist, while building yards and plazas form the second layer. Note that if the sidewalk provides the only defended stand-off, every foot of setback is value. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-2 Three generic site types will be found in the central business district of any large city. These are: m Buildings with zero setback and alleys: the front wall of the zero setback building face is on the property line. An alley is a special cas e of a site with zero setback zoning in the form of a narrow street that divides a city block and provides service access to the buildings (Figure 6-1). m Buildings with yards: the building is set back a small distance from its property line, and the space is usually landscaped. Yards may be on the front, sides, and rear of the building (Figure 6-2). Figure 6-1: Zero setback (left) and alley (right). Figure 6-2: The building yard. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-3 m Building with plazas: The building is placed within a private or public open space that is publicly accessible (Figure 6-3). In addition, all sites have a common set of urban elements: sidewalks, streets, and streetscape such as benches, planters, signs, et c. Planning, design, and placement of security elements in the central business district should not be detrimental to the critical urban design components that contribute to the success of vibrant, livable cities: m A well-connected street system where the vehicle user and pedestrian have many choices to maneuver through a congested city to maintain traffic flow and pedestrian movement. m A well-defined pedestrian-scaled streetscape vocabulary that includes a consistent street wall and ample maneuverable areas for walking, waiting for public transit, and enjoying outdoor commercial activities such as eating, vending, window shopping, etc. m Publicly accessible ground-level commercial, cultural, or educational uses. If these uses cannot be accommodated within the building, then alternatives should be considered, such as outdoor vending or kiosks or types of visually appealing and interesting features along the ground floor of the building. m Attractive and durable street furniture and utility infrastructure (signage, trees, benches, light poles, trash receptacles, security elements, etc.). Figure 6-3: The plaza. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-4 6.2.1 Z ERO SETBAC k BUILDIN gS Due to the high cost of urban real estate, limited developable area and need to maximize use of space, most central business district buildings are commonly developed with exterior walls on the property line. In this typ e of site, the area between the property line and the building face, that in the open site provides the second layer of defense, does not exist. The sidewalk provides part of the first and second layers of defense. The third layer starts at the building face, which is also the property line. Often the sidewalk is a grey area, and barriers may be in the sidewalk or the building yard. If barriers are in the sidewalk, the city must review and give per mis – sion; if in the owner’s property, no permission is necessary (Figure 6-4). Figure 6-4: Layers of defense for zero-setback building. When the property line is at the face of the building, the total space f or perimeter barriers shrinks to a few feet of public sidewalk, and the str eet may be only a narrow alley primarily used for delivery. In these circum – stances the strategies are limited and often challenging to employ due t o space limitations and conflict with day to day use of the building and site. When planning barrier systems, the removal of curbside parking, or stree t closures, the following issues need to be considered: SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-5 m Placing barriers within the sidewalk may cause long-term impairment of public mobility on sidewalks increased traffic congestion due to loss of traffic lanes and on-street parking, and may not be welcome or desirable. Limiting pedestrian movement in downtown districts and restricting access to stores, restaurants, offices and apartments can have a negative impact on the functionality of urban life and the viability of a city neighborhood. m In many areas, street parking is often located within a desired stand-of f zone. This parking is sometimes prohibited to increase the stand-off distance, but this practice should be avoided as much as possible (Figure 6-5). m Curbside parking should not be removed unless additional stand-off distance is absolutely necessary for high-risk buildings. High curbs and other measures may be installed to keep vehicles from departing the roadway in an effort to avoid security counter measures. When required, sidewalks can be widened to incorporate the area devoted to the curb lane. In some instances, prohibition of street parking or lane closure can be used as a temporary measure during times of increased alert. Temporary closure against enhanced threat should be carefully planned rather than improvised with ugly and disruptive measures (Figure 6-6). Figure 6-5: Permanent removal of parking from the curb lane of a major building results in a day-to-day inconvenience. SOURCE: NCPC SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-6 In order to obtain adequate stand-off and restrict vehicular access in urban locations of very high risk, street closures and vehicular control and inspection can be considered. This solution should be carefully planned to establish its overall feasibility, based on its impact on the transportation infrastructure and possible disruption to local traffic pat – terns. A traffic study is necessary to provide more details of the impact of street closure and vehicular control and inspection on the local traffic pattern and neighborhood usage. When street closure is not feasible to provide adequate stand-off, a so – lution is to harden the building structure, glazing, and openings, and provide increased surveillance and security. Complete hardening of the structure and exterior envelope is realistic for a new building but very expensive for an existing one. Careful investigation may show that partial hardening, such as the lower floors of glazing and some strengthening of exposed perimeter columns, will reduce the risk to an acceptable level. Increased surveillance should also be provided to identify suspicious vehicles on adjacent streets, together with effectiv e screening at public entrances and service areas. m It may be desirable to regulate the type of traffic in urban areas to restrict the size of vehicles: for example, to prohibit truck traffic in certain zones to reduce the risk of a particular magnitude of explosion. In a central business district in which the threat to an individual building is relatively low, the building is well constructed, and the possi – bility of a head-on high-velocity vehicle attack is minimal, acceptance of Figure 6-6: Improvised street closure and control. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-7 risk may be the most reasonable course of action. Many older buildings (late 19th and early 20th centuries) are strong structures consisting of a steel frame encased in masonry or concrete, with small window open – ings and masonry walls. Earlier buildings may have load-bearing walls with massive lower floor walls. They may withstand considerable impact , but if once breached, progressive collapse may be more likely than for steel or reinforced concrete framing. In summary, the central business district requires a compromise solution that involves some or all of the following measures: m Provide a barrier at the sidewalk edge to obtain a few more feet of stand-off and prevent vehicles mounting the sidewalk. m Remove critical functions from the lower floors. m Strengthen glazing and frames. m Harden loading docks and garage areas. m Use intensive surveillance by cameras and security personnel. Sidewalks are often only about 10 feet wide and as little as 6 feet in a l – leys, making it impossible to establish adequate stand-off distance. For high-threat sites, a perimeter barrier at the edge of the sidewalk (but al – lowing space for car doors to open) both protects pedestrians from close traffic and prevents potential attackers from mounting the sidewalk. Figure 6-7 shows a building that has a 7-foot-wide sidewalk facing a narrow street that is, nevertheless, an important roadway that must be maintained; the protection shown is temporary. The building defense relies on preliminary screening at the sidewalk behind temporary metal barriers, followed by full control and search within the building en – trance. Jersey barriers are placed at curbside to protect pedestrians from traffic and prevent a passing attacking vehicle from mounting the curb and evading pursuit. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-8 Use of Jersey barriers as shown in Figure 6-7 above is undesirable, because they are not an effective barrier, are unattractive in appearance and may interfere with car door opening. This is a temporary version of the more satisfactory engineered bollard layout shown in Figure 6-8. In this instance, the sidewalk serves as the second layer of defense. Well-designed engi – neered bollards inset from the sidewalk edge, and interspersed with tree s, allow for car door opening, prevent an attacker from mounting the side – walk, and provide the everyday advantage of protecting pedestrians from normal traffic on a busy street. Temporary metal barriers are used between curb and building when a screened entrance is in use, and the engineered barriers at the sidewalk delineate the transition to the first defense layer. Figure 6-8: A well-designed zero- setback protection. The engineered bollards define the transition between the first and second layers of defense and the street trees soften the intrusion of bollards. Figure 6-7: Unsatisfactory example of temporary protection for a high-risk zero-setback building. If the Jersey barriers are not embedded, they can be pushed aside by a vehicle. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-9 6.2.2 ALLEYS The most extreme forms of the zero-setback building are found in alleys: a typical alley roadway has a width of about 20 feet, with a sidewalk pe r – haps as little as 6 feet wide. Sometimes there is a sidewalk on only one side of the alley (Figure 6-9). Figure 6-9: Alleys. Note single sidewalk (right). The protective measures described above for zero-setback buildings apply to buildings serviced by alleys. In alleys and typical urban streets, adequate stand-off distance is ofte n an impossibility without street closure, but permanent closure is often not feasible because of service entry needs. In this instance, street closure that also allows service access can be achieved by use of active barriers, such as retractable bollards or other devices, together with security personnel and well-planned screening and inspection facilities. Well-planned and well-designed street closures can enhance the quality of a street, even in a high-risk area. It is critical that a permanent s treet closure be planned, not only as part of an organized traffic study tha t re – spects existing traffic patterns, but also tries to find an opportunity to improve them and enhance the neighborhood. Control of vehicular speed is also important for security. This is discussed in Section 5.4 but some of the methods noted in that section (such as traffic circles) may not apply in the urban environment because of lack of space. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-10 Security measures can be both effective and attractive if design attenti on is focused on the required performance, and imagination is used in ma – terials and forms. Good design requires site-specific, context sensitive solutions. The function of the public realm and the site’s context must be carefully considered when designing and placing hardened streetscape el – ements, and placement of these elements must be carefully evaluated to avoid visually and physically cluttering the streetscape. Solutions shou ld not be universally applied. In some cases, in important historic areas o f cities or in relation to important historic buildings, security elements in public space should be discouraged altogether. Case Study 6 provides an example of a well-researched neighborhood protection plan that uses street closure to provide stand-off and also e n – hances the urban values, vitality, and function of the protected area. CASE STUDY 6: NEW YORK CITY FINANCIAL DISTRICT 1.0 INTRODUCTION 1.1 Project Scope After 9/11, the New York City Financial District was identified as a likely target for terr orism. The City of New York and the New York Stock Exchange (NYSE) took immediate steps to secure the perimeter of the financial district. The city’s public spaces suff er from heavy-handed, quick-fix installations of cumbersome security devices that mar the experience of the public realm. The financial district is a close irregular pattern of streets heavily traveled by automobiles, service vehicles, and pedestrians; to create sufficient stand-off for the NYSE would entail closing a number of streets. This was initially accomplished by a vast array of jersey barriers, barricades, and stationary pick-up trucks to block incoming traffic, together with increased security personnel and manned check points that had a negative effect on the quality of the city’s public spaces. Rogers Marvel Architects led a multidisciplinary team that included Quennell Rothschild Partners (landscape), Weidlinger Associates (force protection), Ducibella Ventor and Santore (security) ands Philip Habib Associates (traffic). In addition, a number of public a gencies were involved, including the NYC Department of City Planning, the Lower Manhattan Development Corporation, the NYC Economic Development Corporation, the NY Stock Exchange (NYSE), the NY Police Department (NYPD), and the NYC Department of Transportation. The plan recognizes that the real problem is not security itself, but how to prevent the threat of attack from des troying the urban fabric, preserving a psychology of openness, and treating security as an amenity withi n the public realm. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-11 CASE STUDY 6: NEW YORK CITY FINANCIAL DISTRICT (continued) 2.0 THE DESIGN APPROACH 2.1 Issues Addressed The basis of the Rogers Marvel team’s approach was to build only amenities. Security was seen as an urban design problem, involving the use of security dollars to create or enhance public space. That way, the finished project would benefit the community, whether or not the security features were ever put to the test. The security infrastructure is programmed for civic functionality as wel l as protection. This entailed four strategies: m Rethinking the way the financial district works in terms of circulation and security m Changing the traffic pattern and lessening the impact of security measures m Dispersing the necessary protection element among streetscape elements m Because of the density of the urban space, making every inch count 2.2 Security Strategy First Layer of Defense m Perimeter barriers consisting of bollards and specially designed sculptured forms used to provide street closures. The sculptured forms, or “NOGOs,” need only a shallow foundation and add an interactive element to the streetscape. m Controlled access was maintained by rotating road barriers, turntables, and other operable barriers. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-12 CASE STUDY 6: NEW YORK CITY FINANCIAL DISTRICT (continued) Second Layer of Defense m Judicious street closures, with controlled access, in order to provide adequate stand-off from possible target assets. m Closures carefully planned to enhance pedestrian experience and create well-used pedestrian plazas. Third Layer of Defense Many of the key buildings in the district are older buildings well constructed in a monumental style. Individual owners have pursued appropriate defense measures depending on the nature and location of their assets. 2.3 Blending with the Neighborhood Context This project uses a family of specially designed streetscape elements th at reinforce the identity of the financial district and the NYSE area. In addition, the project address es this generation’s threats with proposals that connect the programmatic needs of the contemporary streetscape with the original canal and security perimeter of New Amsterdam. Road beds are remade using walkable cobble stones as a surface, further defining the “pedestrian space.” Lighting and open spaces are added to create a sense of community within the financial district. 3.0 INNOVATIONS AND BEST PRACTICES This project was largely responsible for the development of a number of streetscape items. It successfully illustrates ways to treat security as an amenity instead of a burden. The security design established a vehicle-free pedestrian plaza on Broad Street and added pedestrian- oriented street lighting throughout the district. The financial district is no longer a workday community emptying after the trading floor closes. Through rezoning and redevelopment, the character of the district is changing to a 24-hour community with restaurants, schools, r etail, and resident families. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-13 CASE STUDY 6: NEW YORK CITY FINANCIAL DISTRICT (continued) The NOGO sculptured barrier and the “turntable” are described in section 4.6. In addition, reinforced glass street furniture and specialized street lighting have been developed. WALL STREET AND BROADWAY BEFORE (LEFT) AND AFTER (RIGHT). 6.3 BUILDINg YARDS S ome buildings have a “yard” between the building face and the sidewalk. The yard is within the property line and typically con – sists of a grassy or planted area adjacent to the building. Yards are usually provided for governmental or institutional buildings in which co v – erage of the entire property may not be as economically critical as it i s in private development. Yards are typically narrow, on the order of 10 to 20 feet, providing some stand-off distance beyond the sidewalk. Although compressed, the three layers of defense can be identified in the building with a narrow yard shown in figures 6-10 (plan) and 6-11 ( sec – tion). The curb lane and the sidewalk together form the first layer o f defense. The sidewalk serves as the common space for pedestrian move – ment, activity, and interaction. The building yard is the second layer of defense. In the yard, security components should complement the building architecture and the landscaping, because they will be easily v is – ible from the sidewalk, and should be located near the outer edge of the yard. An engineered planter or plinth wall can provide a good security barrier for this layer. The third layer of defense is at the face and interior of the building. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-14 Some major public buildings may have wide yards in the form of land – scaped forecourts that can offer reasonable stand-off distance. Sometime s small yards (within the property line) are matched with a wide sidewalk provided by the city: the one shown in Figure 6-12 is about 40 feet wide, which begins to offer useful stand-off. Figure 6-10: Layers of defense for a building with yards (plan). Figure 6-11: Layers of defense with a yard (section). SOURCE: FEMA E155 SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-15 A flush or low planter provides little or no protection from vehicles, but an engineered planter or high retaining wall and planter can be an effec – tive barrier (Figure 6-13). Figure 6-12: Narrow yard with a raised planter (left); narrow yard and low planter with a wide sidewalk (right). Figure 6-13: A typical raised low planter (left) may be too low to present a signifi cant barrier to vehicles. The high stepped yard (right), which runs along the side of the building, is a significant barrier and could also act as a blast deflector from a curbside vehicle. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-16 Security elements within the building yard should complement the building architecture and landscaping, and should be designed to ap – pear as well-designed landscape objects rather than as security measures (Figure 6-14). Figure 6-14: Barriers in harmony with the architecture. The seating (left) and the serpentine wall (right) are engineered barriers. SOURCE: NCPC 6.4 PLAZAS W hen extensive business district development with very large buildings began after World War II, and the straight tower with no setbacks became fashionable, new ordinances per – mitted building developers to construct taller buildings, with greater floor area, if a public plaza were incorporated (Figure 6-15). In essence, the plaza is an extended building yard that was moved outsid e the controlled access to the building and became public space provided by the developer. Plaza layers of defense are similar in arrangement to those of the yard. The additional space provided by plazas enables a more effective second layer of defense to be achieved in an urban setting, and often an ac – ceptable stand-off distance can be created on one or more faces of the building, depending on the plaza-building relationship. Figure 6-16 show s the layers of defense with a plaza. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-17 Public buildings are frequently located within large plazas that are car e – fully designed to provide pleasant spaces for people to relax, converse, and enjoy the outdoors in a more spacious urban setting. The plazas also provide an opportunity to install barriers within the second line of defense — the plaza itself. Designers are now experiment ing with the use of interesting forms intended to enhance the experience of the plaza while improving security (Figure 6-17). Figure 6-15: Major office building situated on a public plaza. Figure 6-16: Layers of defense for a plaza. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-18 Figure 6-17: Sculptured forms, streetscape elements, and custom-designed bollards used as barriers at the San Francisco Federal Building. SOURCE: DELLA VALLE + BERNHEIMER ARCHITECTS/AERIAL PHOTO: RICHARD BARNES SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-19 On the existing plaza shown in Figure 6-17, the barriers are sculptured objects that make the plaza almost impenetrable for a vehicle and, com- bined with landscape features such as plants, pools, and seating, make the plaza a much more interesting place than it was prior to the securit y retrofit. Figure 6-18 shows a plaza with a variety of landscape features, includin g tree planting, that contribute to a second layer of defense and also create an attractive setting for the building. A perimeter of sweet gum trees, concrete benches, and stainless steel bollards forms the first line of defense. Should a driver smash a car through those, it would be necessary for the car to cross a water lily pond that doubles as a security moat, or navigate through a grove of 80 trees carefully staggered to prevent a vehicle from getting a clear shot at the main entrance. After those obstacles, a sunken sculpture garden, designed both to please the eye and trap a vehicle in the soft grass, si ts directly outside the building staircases. Even the building’s sign is part of the security system: twenty feet long, made of stone, it forms part o f the western perimeter. If a vehicle made it through all of these, it would still have to climb 18 feet of steps. The plaza in Figures 6-18 and 6-19 are situated on a steeply sloping street: a high set of steps acts as a barrier, and within the plaza, a water feature contributes to a second line of defense by increasing stand-off (Figure 6-19) Figure 6-18: Overhead view of plaza, Seattle Court House. SOURCE: PETER WALKER AND PARTNERS SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-20 The plaza in Minneapolis shown below is located between the City Hall and a new federal courthouse. The entire plaza is built on a parking ga – rage roof. The design refers to Minnesota’s cultural and natural history; earth mounds and logs, elements of that history, are the plaza’s symbolic and sculptural elements. An earth mound is also almost impossible to drive over, but if anyone manages to surmount it, the mound will collapse into a void below. The huge logs also limit the possibility of direct vehic – ular access to the building (Figures 6-20 through 6-23). Figure 6-19: Steep flight of steps and water feature acting as barriers. SOURCE: PETER WALKER AND PARTNERS Figure 6-20: Minneapolis courthouse plaza on a garage roof with planted berms and log benches that symbolize Minnesota’s history. SOURCE: COURTESY OF MARTHA SCHWARTZ, INC. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-21 Figure 6-22: Minneapolis Courthouse plaza: detail of drumlin and logs. The logs serve as seating. SOURCE: COURTESY OF MARTHA SCHWARTZ, INC. Figure 6-21: Minneapolis Courthouse plaza with planted berms, representing historic Minnesota “drumlins.” They also act as barriers to a vehicular attack, as a second layer of defense, creating stand-off. SOURCE: COURTESY OF MARTHA SCHWARTZ, INC. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-22 6.5 ACCESS POINTS S ecurity may prevent normal through-site access. Vehicles may be used to carry explosives and CBR material near or into a facility. A terrorist vehicle bomb driven near or into the building, or a hand- carried bomb placed close to the building, can severely injure people an d damage structures. In case a barrier or control booth is necessary, they need to be carefully designed to reduce their visual impact. Too many en – trances can stretch security forces thin and/or increase the expense of security force and equipment cost in controlling access. For high-risk facilities and heightened threat levels, it is important t o screen visitors and/or staff for weapons and explosives. Screening may i n – clude visual inspection, baggage search, walk through, hand-held metal detectors, x-ray inspection machines, explosives detectors, and chemical and biological agent detectors. If screening equipment is required, appr o – priate space should be allocated early in the design or retrofit plann ing phases. This space should be carefully designed according to the type of security required, the anticipated number of visitors, and the number of security personnel. Large accumulations of people at the entrance of a building should be avoided, since crowded conditions can conceal covert activity, such as the placement of a hand-carried bomb. An adequate number of security personnel and sufficient inspection equipment should be provided to facilitate rapid processing of visitors and staff, especially at the opening of business, lunchtime, and close o f Figure 6-23: Drumlin direction and plaza paving pattern lead pedestrians towards building entrance. SOURCE: COURTESY OF MARTHA SCHWARTZ, INC. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-23 business. Long queues can result in a tendency to hurry the screening process, which might provide an opportunity for unauthorized access for people and weapons. If there is sufficient space inside the entrance of the building, queuing will occur within the building footprint. If there is in – sufficient space inside the entrance, queuing should be expected outside the building, and a rain cover should be provided. Figure 6-24 shows a well-designed vehicle entrance. This combines a simple gatehouse and building sign with a graceful arched protective roof. Figure 6-24: Pedestrian entry has new gates designed in keeping with the historic fence (top). A graceful arched canopy and elegant guard house provide vehicular entry control SOURCE: NCPC 6.6 INTERMODAL SYSTEMS T ypically, urban sites with access to nearby transit, bus lines, rail, and other modes of transportation should be carefully evaluated for security and circulation impacts. Staff and visitors require convenient access to the stations and stops, which may conflict with stand-off and site access needs. The design of walkways, bus stops, drop off zones, and parking areas should balance functionality with security requirements of the project for stand-off distance, accessibility contro l, screening, and control of views. In some instances, subway stations can be entered directly from a building or the street entry leads both to the building and a subway station. Inter modal hubs are shown in Figures 6-2 5 and 6-26. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-24 Some considerations for minimizing the impact of security measures in the vicinity of intermodal hubs are: m Exploring ways to mitigate impacts of security improvements that restrict access to or use of subways and railroads by regular users. Figure 6-25: Large intermodal hub with parking, main railroad, subway, and buses. SOURCE: GOOGLE EARTH, MODIFIED Figure 6-26: Urban intermodal hub. aerial view, left. An entry that serves both as a subway and building access is shown, right. SOURCE: GOOGLE EARTH, MODIFIED, LEFT . SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-25 m Studying locations for security improvements and alternatives for circulation paths that mitigate impacts on existing circulation routes to stations, bus stops, etc. m Designing for the appropriate level of security based on the design basis threats, and increasing controls by planned temporary means if the threat level increases. m Understanding the community impact of developing perimeter security and devising potential mitigation strategies to preserve local mobility and connectivity. m The need for special protective measures at bus stops and other drop- off and pick-up areas (Figure 6-27). Figure 6-27: Bus stops and other drop-off and pick- up areas may need special protective measures. 6.7 PARkINg 6.7.1 INTRODUCTION T ypical parking in the central business district includes public on- street parking lanes, underground parking beneath plazas or other public spaces, parking beneath buildings, and freestanding or attached parking structures. Surface parking lots are often congested and temporary, awaiting develop – ment. Mitigating the risks associated with parking requires selection of a coherent set of design measures, including parking restrictions, perimet er buffer zones, barriers, structural hardening, and other architectural an d engi-neering solutions (Figure 6-28). SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-26 Parking layouts should be carefully designed to reduce risk. The layout of circulation aisles should prevent vehicles from driving directly to- wards a building from the parking lot. The layouts of the parking bays, as well as the use of berms, barriers, and screening are all effective ways to prevent this. The same strategy can also serve an aesthetic purpose by minimizing the visual impact of the parking area from other points of the site. If areas previously used for parking are to be discontinued due to secu- rity requirements, an alternate treatment should be developed, so that abandoned, untended parking areas do not become accessible to po- tential attackers. 6.7.2 Public Street Parking Public street parking is often located within a desired stand-off zone. To increase stand-off it may be proposed that the parking lane be closed. Evaluation of the viability of this option must consider the role of the street within the local infrastructure, and whether an additional lane provides significant improvements of the stand-off distance. If street parking lanes are unacceptable because of the high risk, ac- cess to the vulnerable streets and parking may have to be prohibited to create an adequate stand-off zone. This approach has been adopted in the New York City Financial District. Figure 6-28: Parking control and restriction is a typical aspect of the urban scene. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-27 Considerations for public street parking include: m Request appropriate permits to restrict parking in curb lanes in densely populated areas to company-owned vehicles or key employee vehicles. m The impact on local businesses due to loss of on- street parking should be evaluated. m Provide appropriate setback from parking on adjacent properties, if possible. Structural hardening and/or enhanced surveillance methods may be required if the setback is insufficient. In new designs, it may be possible to adjust the location of the building on the site to provid e adequate setback from adjacent properties. m Pick-up and drop-off areas should have appropriate barriers at the edge of the curb to enforce stand-off distances for unscreened vehicles and to address mobility and convenience for pedestrians. This includes placement of barriers at a distance from the curb to allow clearance for vehicle doors to open, provision of adequate lighting and shelter so pedestrians can wait safely for their rides, and appropriate design for handicapped access. Circulation planning should make sure that effective access is available for first responders and other emergency vehicles (Figure 6-29). Figure 6-29: Lengthy shelter for curb lane drop-off and pick- up area. SOURCE: NYPD SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-28 The following sections offer security design guidance for the layout and design of public on-street parking lanes, underground parking, and parking within buildings. 6.7.3 UNDER gROUND PAR kIN g AND PAR kIN g BENEATh BUILDINgS Buildings adjacent to underground parking may suffer collateral damage in the event of an explosion within the garage. This risk must be eval – uated to determine the level of inspection and control at the entry. Typically, this would be limited to fee taking and cursory inspection, but for a high-risk building or a heightened condition of security, careful se – curity inspection may be necessary on a temporary basis. Protection of primary vertical load-carrying members by designing archi – tectural or structural features that can keep an explosive even a few fe et away can make a big difference. For portable devices, a few inches or a couple of feet may be critical. Emplacing sloped features or other simpl e designs around accessible portions of columns are simple measures that may prevent a column collapse, and parking design may also be used to keep vehicles a few feet away from columns. These are simple, cost-effec – tive measures that can minimize risk of collapse and still be unobtrusiv e or even attractive. Typical entry control to protect underground parking beneath high-risk buildings is shown in Figures 6-30 and 6-31. Figure 6-30: Entry control to underground garage. Note provision for queuing and gatehouse design in harmony with the building. Careful design of all the needed components is necessary to avoid clutter. If possible, such entry control is best located on an access road or service alley rather than a public street SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-29 If parking beneath a high-risk building must be provided, access to the parking area should be controlled and limited, and spaces should be well – lighted and free of places of concealment and dead-end parking spaces. The following restrictions may need to be applied: m Public parking with ID check. m Company vehicles and employees of the building only. m Selected company employees only, or those requiring security. The designers needs to consider the following: m For all stand-alone, above-ground parking garages, maximize visibility for surveillance into, out of, and across the garage. m Employ express or non-parking ramps, sending the user to parking on flat surfaces. m Stairways and elevator lobby design should be as open as code permits. The ideal solution is a stair and/or elevator waiting area totally open to the exterior and/or the parking areas. Designs that ensure that people using these areas can be easily seen (and can see out) should be encouraged. If a stair must be enclosed for code or weather protection purposes, glass walls can be used to deter potential attacks. Potential hiding places below stairs and within and around stairwells should be closed off. Figure 6-31: View from a public street of entry control for underground parking at a court house. The entry is used for prisoner delivery and limited parking controls. Elimination of temporary signs and posts might reduce the clutter. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-30 m Elevator cabs should have glass backs whenever possible. Elevator lobbies should be well-lighted and visible to both patrons in the parking areas and the people outside the building. m Pedestrian paths should be designed to concentrate activity to the extent possible. For example, bringing all pedestrians through one portal rather than allowing them to disperse to numerous access points improves their ability to see and be seen by other users. Limiting vehicular entry/exits to a minimum number of locations is also beneficial. m Parking structures open to the public should be sited and evaluated with concern for stand-off from other buildings and screening from critical operations and sensitive areas that might be observed from within the parking structure and used as a point of access or staging for use of weapons or explosives. m Urban parking structures are likely to have high volumes of pedestrians and vehicles to accommodate, may be connected by bridges to nearby building, and may provide high vista points for surveillance or threat to adjacent buildings. m In the design of parking structures that include screening or inspection, consider locating these functions outside, at adequate stand-off distances, to control impact from explosions. Adequate space should be provided for queuing and inspection, so as not to slow traffic in and out of the garage (Figure 6-32). Figure 6-32: Queuing and inspection outside an entry to parking beneath a building. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-31 m When establishing parking areas, provide emergency communication systems (e.g., intercom, telephones, etc.) at readily identified, we ll- lighted, closed-circuit television-monitored locations to permit direct contact with security personnel. m Provide parking areas with closed-circuit television cameras connected to the security system and adequate lighting capable of displaying and videotaping area activity. m Designing for internal vehicular and pedestrian connections from parking garages to nearby buildings is similar to that for surface parking areas. 6.8 Loading docks and service areas L oading docks and service areas should be sited so that they are easily accessible for trash storage and pickup and service and deliv – eries by trucks (including large semi-trucks if the project requires it). Loading areas should be sited so that they can be screened from mo st roadways and sidewalks. They should be located close to mailrooms and freight elevators wherever possible. Due to the possibility of bombs, chemical, biological, and other types o f threats arriving at these locations, many organizations have chosen to relocate their loading and delivery functions to an off-site location or a re- mote area of the site. Others have chosen to harden these areas so they can contain explosions and protect adjacent areas of the building. For these reasons, siting and layout of loading areas should accommodate suf – ficient area for screening vehicles and packages. If possible, screening should be off site and scheduled deliveries required. This may be diffi cult to achieve in a tight urban site (Figure 6-33). For more information, refer to FEMA 426, Section 2.8. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-32 Design considerations for loading docks and service access include the following: m Separate (by at least 50 feet) loading docks and shipping and receiving areas in any direction from utility rooms, utility mains, and service entrances, including electrical, telephone/data, fire detection/alarm systems, fire suppression water mains, cooling and heating mains, etc. m If possible, avoid having driveways within or under buildings. If necessary, monitor them and restrict height to keep out large vehicles. m Significant structural damage to the walls and ceiling of the loading dock may be tolerable, as long as the areas adjacent to the loading dock do not experience severe structural damage or collapse. This can be achieved by an adequate structural design that limits damage to the loading dock area and allows explosive forces to vent to the building exterior. The floor of the loading dock does not need to be designed for blast resistance if the area below is not occupied and/or does not contain critical utilities. m Provide signage to clearly mark separate entrances for deliveries. m The loading zone should be designed for effective observation by cameras or guards. The design of planting areas, walls, and steps, and the selection of plants and street furniture should allow easy observation of the space and avoid areas where packages might be hidden. Figure 6-33: Screening areas need sufficient space. This loading area is immediately adjacent to a public sidewalk. When two or more vehicles are stopped, pedestrian activities can be disrupted, and risk to passersby is increased. SOURCE: FEMA E155 SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-33 6.9 PhYSICAL SECURITY LIghTINg A dequate lighting should be provided to aid in threat detection; this also assists in providing a defensible space for pedestrians. Site lighting is an integral component of the site design, with several functions (Figure 6-34): m To extend the hours of use into the early morning and evening by illuminating entries, walkways, signage, and roadways. m To improve security and provide enhanced visibility. m To add beauty by illuminating architectural details, landscape areas, specimen plants, outdoor artwork, and other features. Figure 6-34: Appropriate lighting for a variety of situations. SOURCE: DEPARTMENT OF STATE A successful site design will consider appropriate types and light level s for: m Emergency lighting as part of emergency backup systems (Refer to FEMA 426 , Section 2.9, for more information about these four types of site lighting). m Entry points (e.g., site entry points and building ingress and egress). m Circulation (e.g., roadways, parking areas, sidewalks, and walkways). SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-34 m Street and perimeter lighting. m Signage illumination. m Decorative landscape lighting. m Security lighting. Site lighting can be separated into zones in order to concentrate light where it is needed most. Prioritizing will allow for the most efficien t use of lighting, while keeping within a reasonable budget. Figure 6-35 shows some typical zones; the numbers on the figures refer to the de – scriptions below. 1. Exterior surface of building, including walls, doors, windows, rooftop terraces, and balconies. 2. Outdoor areas directly associated with entryways to building, including walkways, steps, ramps, terraces, and loading docks. 3. Intermediate outdoor areas, including driveways and parking; walkways and paved terraces; small gardens and large, remote landscaped areas; recreational facilities; and utility, service, and storage areas. 4. Areas immediately inside the perimeter, including inside faces of walls and required clearances; pedestrian entryways, vehicular entryways, and security check points. 5. Areas outside the perimeter that may be considered defensible space, including public sidewalks and streets, waterways, and adjacent non- public properties. It is also important to consider operational costs when designing an ap – propriate lighting situation. m Estimate and evaluate the lifecycle costs for energy and maintenance. m Evaluate the impact on project sustainability. In addition, site lighting can be helpful as a response to different levels of alert, by designing it to be increased in times of high security aler t. Provision of additional light is a common CPTED technique to discourage unwanted activities on sites and within buildings and to enhance desirable activities (Figure 6-36). SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-35 Figures 6-35: Site lighting zones. SOURCE: DEPARTMENT OF STATE SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-36 6.10 INFRASTRUCTURE AND SITE UTILITIES In-ground infrastructure can be any of the following: m Standard utility lifelines such as water, gas, steam, sewer, storm water, electric communications, etc. m Any structure that can be used by persons, such as subway tunnels, stations, large sewer or water tunnels, or pipes. m Ventilation shafts supplying either the building or the in-ground infrastructure. In the urban situation, it may be necessary, because of the limited space, to place vehicle barriers on yards, sidewalks, or plazas that are locate d over a dense infrastructure of all kinds of utilities, some of which may have been in existence for decades. There may be conflicts below grade , as an increasing number of current and past utility systems compete for limited space. Determination of the materials, size, and location, both horizontal and vertical, of these utilities is critical, because their i nter – action with barrier foundations may create costly or even impractical conditions; the location of barriers may be strongly influenced by the utility pattern. In addition, subway stations, public parking structures , and utility tunnels may have direct access to areas adjacent to building utility systems. Figure 6-36: Night view of government building approach and screening structure. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-37 Unlike an open site, in-ground utilities connect to the building directl y from the municipal services. Thus the primary concern of the property owner is that of the security of this connection and any necessary open – ings into the building. Failure of part of the in-ground infrastructure may affect the structura l system of the building. When the infrastructure and the building are in close proximity or rigidly linked, the failure of one system may initiat e failure of the other. The part of the structure closest to the in-ground in – frastructure is the most vulnerable. It should be hardened so that any local failure would not initiate progressive collapse in the rest of the building. Aside from hardening, other measures available are increased ductility, increased setback, or better access control. In a zero setback situation in-ground utility systems and other lifeline s will be under public property and not under the building owner’s control. Coordination with the public agencies will be necessary to ensure protec – tion to the systems so that the building functions will not be affected by damage to the municipal utilities and infrastructure. In the case of a building located on a large plaza, critical utilities m y be lo – cated on the owner’s property. and their protective design may be part of the project scope. Some issues related to urban site utilities and infra struc – ture are: m Based upon the size of the lifeline, such as a large sewer system, access to the site or building may be possible and, based on the size of the utility service entrance to the building, personnel or CBR agents may be able to enter the building. m In-ground infrastructure and the building can be connected by passageways, subways, tunnels, connecting stairways, entrance/exit portals, and ventilation shafts, as well as by direct utility connection s from utility lifelines. m Lifeline attachment to a building should be sealed to prevent infiltration of CBR and large entrances secured to prevent personnel access. m Redundant sources of supply and any on-site storage needs, e.g., water storage (for domestic and industrial use or fire suppression), fuel storage, and on-site generators, should be identified. Each utility system’s requirements for siting, redundancy, and safety should be addressed. m Plans for installation and modification of utilities for security purposes should be coordinated with local municipalities and/or service suppliers. SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-38 Utility systems can suffer significant damage when subjected to the sh ock of an explosion. Some of these utilities may be critical for safely evac u – ating people from the building. Their destruction could cause damage that is disproportionate to other building damage resulting from an ex – plosion. To minimize the possibility of such hazards, apply the following measures, where appropriate: m Ensure that access to crawl spaces, utility tunnels, and other means of under building access is controlled in order to limit opportunities for aggressors to place explosives underneath buildings. All utility penetrations of a site’s perimeter barrier should be sealed or secured to eliminate openings large enough for persons to pass through the barrier. Typical penetrations could be for storm sewers, water, electricity, or other site utility services. m If access is required for maintenance of utilities, all penetrations should be secured with screening, grating, latticework, or other similar devices so that openings do not allow intruder access. Provide intrusion detection sensors, and consider overt or covert visual surveillance systems, if warranted by the sensitivity of assets requiring protection. m Protect vents, ducts, and other openings that pass through a perimeter and that have a cross-sectional area greater than 96 square inches, and whose smallest dimension is greater than 6 inches, by securely fastened welded bar grilles. m Consider quick connects for portable utility backup systems if redundant sources are not available. m Prepare vulnerability assessments for all utility services to the site, including all utility lines, storm sewers, gas transmission lines, electricity transmission lines, and other utilities that may cross the s ite perimeter. m Provide utility systems that support site security, life safety, and rescue functions with redundant or loop service, particularly in the case of electrical systems. Where more than one source or service is not currently available, provisions should be made for future connections. m The choice of cover materials in sidewalks and other pedestrian areas should enable ease of access to utilities for repair and maintenance, but limit access by terrorists or vandals. Attractive paving that is eas ily removed and replaced can be substituted for standard concrete sidewalks that have to be torn up and patched (Figure 6-41). SECURITY FOR CENTRAL BUSINESS DISTRICTS 6-39 6.11 CONCLUSION P rotection of sites in an urban environment presents particular difficulties; desired stand-off is unobtainable, road patterns are fixed, and road closures can be extremely disruptive. It may be necessary to accept a higher level of risk. This may be partially offset by the facts of urban congestion that may block the terrorist from making a high speed head-on attack on a building. The possibility of an attacker parking, even briefly, adjacent to a target building, however, is an ever-present threat. This underscores the need for protective measures applied to the building exterior and possible re – programming to remove critical assets from the lower floors adjacent to the street. A common offset, however, is that many downtown build – ings, particularly those constructed before World War II, are very solidly built, with concrete-encased steel frames, short structural spans, and s mall window openings. These types of buildings have been found to be very re – sistant to collapse. The protective measures applied to the New York City Financial District, described in Case Study 6, show that a coherent and imaginative ap – proach to the problem can achieve urban enhancement, even when street closings are necessary to achieve acceptable stand-off from high-risk tar – gets. The exciting quality of the environment is maintained, new public space is created, and the rich history of the location is reflected in the na – ture and placement of contemporary protective installations. Figure 6-37: Sidewalk paving with removable panels eases maintenance of underground utilities. DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A A-1 DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A.1 INTRODUCTION AND BACKGROUND T he idea that environmental design – of sites and buildings – might play a role in crime reduction had its origins in Jane Jacobs’s book, The Life and Death of Great American Cities (1961). Using personal observation and anecdote, she suggested that residential crime could be reduced by orienting buildings toward the street, clearly distinguishing public and private domains, and placing outdoor spaces in proximity to intensively used areas. In 1971, architect Oscar Newman published a paper, “Architectural Design for Crime Prevention,” and in 1973 published a book, Defensible Space, Crime Prevention through Urban Design . His studies of urban resi – dential areas showed how physical design contributed to victimization by criminals. Newman explored the concepts of human territoriality, nat – ural surveillance, and the modification of existing structures to effectively reduce crime, ideas that still form the foundation of building security de – sign today. Newman’s work became the foundation for what later became known as “Crime Prevention through Environmental Design” (CPTED) . The term “Crime Prevention through Environmental Design” had fir st appeared in a 1971 book by criminologist and sociologist C. Ray Jeffery, inspired by Jacobs’s work. Jeffrey analyzed the causation of crime from an interdisciplinary approach, drawing from criminal law, sociology, psy – chology, the administration of justice, criminology, penology, and other fields. He also drew from relatively new fields at that time, includ ing systems analysis, decision theory, environmentalism, behaviorism, and sev – eral models of crime control. Defensible space theory and CPTED were very influential in law enforce – ment and architectural communities, particularly in urban residential development and public housing design and retrofit; throughout the 1980s, there were also a handful of architects, planners, and academics who advanced the field of CPTED, and it is to these pioneers that cont em – porary CPTED owes its existence. In this period of evolution, the CPTED methodology was organized to match the function of the crime area, similar to Newman’s layering of space from private to public spaces. CPTED now defines three basic str at – egies for security design: natural access control, natural surveillance, and territorial reinforcement. DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A-2 A.2 CPTED BASIC STRATEGIES m Natural access control consists of symbolic and real barriers that prevent the criminal from committing a crime. Natural access control strategies involve decreasing opportunities for crime by denying access to crime targets and creating a perception of risk in offenders. It is accomplished by the design of streets, sidewalk s, building entrances, and neighborhood gateways to mark public routes, and by use of architectural and landscape structural elements to discourage access to private areas. m Natural sur veillance increases the awareness by residents or building users of who leaves and enters the property or buildings. Natural surveillance strategies are intended to make intruders easily observable. Features that maximize visibility of people, parking areas, and building entrances promote natural surveillance. Examples are doors and windows that look onto streets and parking areas, pedestrian friendly sidewalks and streets, front porches, and adequate nighttime lighting. m Territorial reinforcement involves creating a sense of the users’ proprietorship so that offenders perceive a territorial influence. Territorial reinforcement strategies use physical design to create or extend a sphere of influence. Building users are trained to develop a sense of territorial control so that potential intruders will perceive this control and be discouraged from their criminal intentions. Features such as landscape planting, pavement surface design gateway treatments, and fences are used to define property lines and help distinguish private from public spaces to promote territorial reinforcement. CPTED then divides each of these three strategies into response classifications: m Natural concepts use design tools for avoiding user conflicts and providing clear circulation paths. These concepts employ physical and spatial features, such as site and architectural elements, to ensure that a setting acts as a deterrent to crime while supporting the intended use of the space. Examples of natural features include landscaping, outdoor seating and planters, fences, gates, and walls. DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A-3 m Mechanical concepts use devices and technology that make committing the crime more difficult. Sometimes referred to as “target hardening,” mechanical measures emphasize hardware and technological systems, such as locks, security screens on windows, fencing and gating, key control systems, closed- circuit television (CCTV), and other security technologies. Windows may have protective glazing that withstands blows without breaking. Doors and window hardware may have special material and mountings which make them hard to remove or tamper with. Walls, floors, or doors may be specially reinforced in high-security areas with materials that are difficult to penetrate. m Organizational concepts respond with management and personnel techniques. These concepts rely on people (individuals and vested groups) to provide surveillance and access control functions in the spaces they occupy at home or work. Organizational concepts may use concierges, security guards, designated guardians, residents in neighborhood watch programs, police officer patrols, and other individuals with the ability to observe, report, and intervene in undesirable or illegitimate actions. A.3 CPTED STRATEGIES FOR SITE PROTECTION As examples of the application of CPTED principles and concepts, fol – lowing are some of the CPTED strategies for site protection. Examples of natural solutions: m Natural solutions designed to delay an intruder by creating barriers such as walls, fences, water barriers, or landscaping m Natural solutions that allow for siting of buildings to reduce blind spots and permit observation of movement by building users, such as window placement, location of entrances, and walkways m Natural solutions that create boundaries with the building form or landscaping to clearly delineate the public, semi-public, semi-private and private spaces DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A-4 Examples of mechanical solutions: m Mechanical solutions for the detection of an intrusion, through use of electronic or infrared sensing m Mechanical solutions that use technology to assist watching, such as CCTV and exterior site lighting m Mechanical solutions that define boundaries and territory with perimeter protection systems m Devices that assist in the provision of access control at site entries Examples of organizational solutions: m Solutions that provide for patrol and ability to respond, such as patrol routes, guardhouses and watch towers, or other locations. m Surveillance strategies that allow for unobstructed watch for intruders. m Solutions that use assigned or remote observers to detect, delay, and respond to intruders. Observers can be police, security guards, or trained building users. The building design may focus outward, for example, to allow observation of parking lots or playgrounds. m Solutions that provide the staff and/or users of the building with the means to distinguish outsiders or violators from legitimate site users. The site may have a vehicle control system that requires stickers, decals, ID cards, or access control badges. Examples of territorial reinforcement solutions: m Strategies employ the building design and ability of users to challenge possible intruders and determine if they have a legitimate purpose. A.4 CPTED TODAY The basic CPTED planning concepts can often address vulnerability and risk in a more effective manner than many of the post 9/11 ad hoc mea – sures, which heighten fear and unduly compromise the unique character of a place and a community. It is necessary to ensure that there is a reasonable balance between plan – ning for everyday crime prevention and planning to mitigate acts of DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A-5 terror. Acts of terrorism are infrequent events, and everyday crime levels may increase further if security measures are enacted that undermine the integrity of a community. Such measures are permanent street closures and rigid adherence to arbitrary permanent stand-off distance standards, etc. Well-planned temporary measures would allow protection from in – creased or reduced threats on an as-needed basis, which may occur rarely during the life of the site. The CPTED security design process can be applied on a macro to micro scale. The three scales are building perimeter protection, in-site secur ity design, and the building envelope and interior (which mirror the three layers of defense concept used in this publication). There is now an extensive literature on CPTED, and training courses are offered by some private consultants and by the International CPTED Association (ICA). A typical CPTED course is designed for a practi – tioner who will be involved in the application of proven crime preventio n tactics to the built environment. Courses are relevant for architects, p lan – ners, community leaders, and police practitioners; they focus on the application of situational crime prevention measures to areas of our com – munities, with the goal of forming a total response to crime. Typical CPTED course topic areas are: m Architectural terms and the process of architectural development m Municipal and regional planning m Analysis of crime potential within the design area m How to develop plans to prevent environmentally induced crimes in practical applications of light and color m Political analysis and development of CPTED codes and ordinances m Security technology in support of natural surveillance and control A number of police forces in the United States have been trained in CPTED and apply the principles in their review of construction projects. DEFENSIBLE SPACE AND CPTED: ORIGINS AND APPLICATION A-6 A.5 CPTED SOURCES OF INFORMATION Publications: Publications relating to CPTED will be found in Appendix B, Bibliography Web sites: Defensible Space, nonprofit organization founded by Oscar Newman: www.defensiblespace.co m International CPTED Association (ICA): www.cpted.ne t National Crime Prevention Institute: www.louisville.edu/a-s/ja/ncp i U.S. Department of State, Counterterrorism Office: www.state.gov/s/c t Security Design Coalition: www.designingforsecurity.or g BIBLIOGRAPHY B B-1 BIBLIOGRAPHY B.1 FEMA RISK MANAGEMENT SERIES PUBLICATIONS Federal Emergency Management Agency, 2003. Reference Manual to Mitigate Potential Terrorist Attacks against Buildings, FEMA 426, Washington, D.C. Federal Emergency Management Agency. 2004. Primer for Design of Commercial Buildings to Mitigate Terrorist Attacks , FEMA 427, Washington, D.C. Federal Emergency Management Agency. 2004. Primer to Design Safe School Projects in Case of Terrorist Attacks , FEMA 428, Washington, D.C. Federal Emergency Management Agency. 2003. Insurance, Finance, and Regulation Primer for Risk Management in Buildings , FEMA 429, Washington, D.C. Federal Emergency Management Agency, 2005. Risk Assessment: A How-to Guide to Mitigate Potential Terrorist Attacks Against Buildings , FEMA 452, Washington, D.C. Federal Emergency Management Agency, 2006. Safe Rooms and Shelters: Protecting People Against Terrorist Attacks , FEMA 453, Washington, D.C. B.2 FUTURE RISK MANAGEMENT SERIES PUBLICATIONS Federal Emergency Management Agency, revised Reference Manual to Mitigate Potential Terrorist Attacks against Buildings , FEMA 426, Washington, D.C. Federal Emergency Management Agency, R apid Visual Screening for Building Security , FEMA 455, Washington, D.C. Federal Emergency Management Agency,. Incremental Rehabilitation to Improve Security in Buildings , FEMA 459, Washington, D.C. Federal Emergency Management Agency, Risk Assessment: A How-to Guide to Mitigate Multihazard Events (CBR, Explosives, Earthquakes, Floods and High Winds) Against Building s, FEMA 452 enhanced, Washington, D.C. BIBLIOGRAPHY B-2 B.3 FEMA TRAINING COURSE Federal Emergency Management Agency, 2004, Building Design for Homeland Security, (Suburban and Urban) , FEMA E 155, Washington, D.C. B.4 OTHER FEMA PUBLICATIONS Federal Emergency Management Agency, 2004. Using HAZUS-MH for Risk Assessment , FEMA 433,Washington, D.C. Federal Emergency Management Agency, 2002. World Trade Center, Building Performance Study , FEMA 403, Washington, D.C. B.5 OTHER PUBLICATIONS AND ARTICLES Alberson, Dean, 2004. A Stricter Standard for Crash Barriers, Standardization News , West Cornshohocken, PA: ASTM International, February, www.astm.org . American National Standards Institute (ANSI), ANSI Homeland Security Standards Panel, 2007. Final Workshop Report, Perimeter Security Standardization , January, www.ansi.org/hss p. American Society for Heating, Refrigerating, and Air Conditioning Engineers (ASHRAE), 2006. ASHRAE Guidelines 29P, Guidelines for Risk Management of Public Health and Safety in Buildings , Public Review Draft, July. ASTM International, 2003. State Department Turns to ASTM International for Input on Crash Testing Standard, Standardization News , West Cornshocken, PA, September, www.astm.or g. Demkin, Joseph, ed., 2004. Security Planning and Design, A Guide for Architects and Building Design Professionals , Washington, D.C.: The American Institute of Architects, and Hoboken NJ: John Wiley and Sons, Inc. Dunlap, David, 2006. A New Idea in Security Would Put Vehicle Barriers on a Pavement-Level Turntable, New York Times , December 28. Dvorak, Petula, 2006. Ubiquitous Security Barriers Get a Fashionable Flourish, Washington Post , January 30 BIBLIOGRAPHY B-3 Dwyer, J., et al., 1994. February 1993 Bombing of the World Trade Center in New York City: Two Seconds Under the World , New York: Crown Publishers. Enlow, Clair,, 2005. Design is the Best Defense, Landscape Architecture , Washington, D.C.: American Society of Landscape Architects, August. General Services Administration (GSA), 2000. Chapter 8, Security Design, in Facility Standards for the Public Building Service (PBS-P100), Washington, D.C., November. General Services Administration (GSA), 2007. The Site Security Design Guide , Washington, D.C., June. Hart, Sara, 2002. In the Aftermath of September 11, the Urban Landscape Appears Vulnerable and Random, Architectural Record , New York: McGraw- Hill Construction, March. Hinman, Eve, 2006. Blast Safety of the Building Envelope, Whole Building Design Guide , Washington, D.C.: National Institute of Building Sciences, www.wbdg.or g. Hockenberry, John, 2006. Fear Factor: Security in a New Age , Business Week Online, www.businessweek.co m, May. Hopper, L., and Droge, M., 2005, Security and Site Design: A Landscape Architectural Approach to Analysis, Assessment and Design Implementation , New York: John Wiley and Sons. Interagency Security Committee, 2004. ISO Security Design Criteria for New Federal Office Buildings and Major Modernization Projects , Washington, D.C., September. Kozel, Scott 2004. New Jersey Median Barrier, www.roadstothefuture.com/ Jersey_Barrier.htm l, June. Little, R., Meacham, B., Smilowitz, R., 2001. Performance-Based Multi- Objective Decision Framework for Security and Natural Hazard Mitigation , National Symposium on Comprehensive Force Protection, Charleston, SC, November. Loeffler, Jane, 2006, The Importance of Openness in an Era of Security: a Conversation with Supreme Court Justice Stephen G. Breyer, Architectural Record, New York: McGraw-Hill Construction, January. BIBLIOGRAPHY B-4 Longstreth, Richard, 2006. W ashington and the Landscape of Fear, City and Society , Vol.18, Issue 1, pp.7-30, Arlington, VA: American Anthropological Association. Nadel, Barbara, ed., 2004. Building Security: Handbook for Architectural Planning and Design , New York: McGraw-Hill. National Capital Planning Commission, 2001. Designing for Security in the Nation’s Capital , Washington, D.C., October, www.ncpc.go v. National Capital Planning Commission, 2002. The National Capital Planning Urban Design and Security Plan , Washington, D.C., October, www.ncpc.go v. National Capital Planning Commission, n.d. The National Capital Planning Urban Design and Security Plan: Designing and Testing of Perimeter Security Elements , Washington, D.C., www.ncpc.go v Renfroe, N., and Smith, J. L., 2006. Threat/Vulnerability Assessments and Risk Analysis, Applied Research Associates, Inc., in Whole Building Design Guide , Washington, D.C.: National Institute of Building Sciences, www.wbdg.or g. Smith, J. L., and Bryant, L. M., 2006. Cost Impact of the ISC Security Design Standards, Whole Building Design Guide , Washington, D.C.: National Institute of Building Sciences, www.wbdg.or g. Speckhardt, L., and Dowdell, J., 2004. Bollards and Beyond, The Palette for Security Goes Well Beyond One-Note Design, Landscape Architecture , Washington, D.C.: American Society of Landscape Architects, July. U.S. Air Force, Air Force Center for Environmental Excellence, 1997. Installation Force Protection Guide , Washington, D.C. U.S. Department of Defense, 2002. Unified Facilities Criteria (UFC), UFC 4-010-01, DoD Minimum Antiterrorism Standards for Buildings , Washington, D.C., July. U.S. Department of State, 1999. The Report of the Accountability Review Board on the Embassy Bombings in Nairobi and Dar es Salaam on August 7 , Washington, D.C., January. U.S. Department of the Treasury/Bureau of Alcohol, Tobacco, and Firearms, 1999. Vehicle Bomb Explosion Hazard and Evacuation Tables , Washington, D.C. BIBLIOGRAPHY B-5 B.6 CPTED BIBLIOGRAPHY Atlas, Randall, 2006. Site Security, in Architectural Graphic Standards , 11th edition, pp. 635-639, New York: John Wiley & Sons. Crowe, Timothy, 2000. Crime Prevention Through Environmental Design: Applications of Architectural Design and Space Management Concepts, Stoneham, MA: Butterworth-Heinemann. Newman, Oscar, 1971. Architectural Design for Crime Preventio n, Washington, D.C.: Law Enforcement Assistance Administration. Newman, Oscar, 1973. Defensible Space: Crime Prevention through Urban Design . New York: Macmillan. Newman, Oscar, 1996. Creating Defensible Space . Washington, D.C.: Department of Housing and Urban Development. ACRONYMS AND ABBREVIATIONS C C-1 ACRONYMS AND ABBREVIATIONS This appendix contains some acronyms that do not appear in this pub – lication. They have been included to provide a more comprehensive list relevant to the topics of this publication. ADA Americans with Disabilities Act AIA American Institute of Architects ANSI American National Standards Institute ASCE American Society of Civil Engineers ASHRAE American Society of Heating, Refrigerating and Air-Conditioning Engineers ASLA American Society of Landscape Architects ASTM American Society for Testing and Materials ATF Alcohol, Tobacco, Firearms and Explosives (Bureau of U.S. Department of the Treasury) CBR Chemical, biological and radiological CCA Contamination control area CCP Casualty collection point CCTV Closed-circuit television CDC Center for Disease Control and Protection CFD Computational fluid dynamics CPTED Crime prevention through environmental design DBT Design basis threat DHS Department of Homeland Security DoD Department of Defense DOE Department of Energy DOJ Department of Justice ACRONYMS AND ABBREVIATIONS C-2 DOS Department of State DOT Department of Transportation EPA Environmental Protection Agency FBI Federal Bureau of Investigation FEMA Federal Emergency Management Agency GIS Geographic information system GSA General Services Administration HazMat Hazardous material HAZUS Hazards U.S. HVAC Heating, ventilating and air conditioning IED Improvised explosive device IRA Irish Republican Army ISC Interagency Security Committee IT Information technology LOP Level of protection M/E/P Mechanical/electrical/plumbing mph Miles per hour NCPC National Capital Planning Commission NHPA National Historical Preservation Act NIOSH National Institute for Occupational Safety and Health NIST National Institute of Standards and Technology NTIS National Technical Information Service NYPD New York Police Department NYSE New York Stock Exchange PSA Patients staging area psi Pounds per square inch ACRONYMS AND ABBREVIATIONS C-3 RDD Radiological dispersal device (“dirty bomb”) ROW Right-of-way RPG Rocket propelled grenade RVS Rapid visual screening SRA Safe refuge area TM Technical manual TNT Trinitrotoluene USDA U.S. Department of Agriculture VA Department of Veterans Affairs WMD Weapons of mass destruction WTC World Trade Center