Physical security

The SAR shall describe how to perform major, minor and temporary modifications to procedures. 

This section shall describe the conduct of facility maintenance and periodic testing, and the inspection programme for reactor equipment and components. An overview is sufficient if the detailed progranune is given in supplementary documents. The maintenance, testing and inspection programme should provide information on  

The measures established to protect against sabotage and unauthorized removal of fissile and radioactive material shall be described, including regulations of access to the facility and the security systems. 

The physical security of the facility may be described in a separate document, which would be conftdential. 

---

In many cases, it is necessary to complement physical security by the installation of an intruder alarm system in order to achieve the standard of security commensurate to the risk exposure. The scope of protection to be afforded by the alarm system depends on the security risk, but it may embrace fences, windows, doors, roofs, walls, internal areas, yards and external open areas, and vehicles inside and outside buildings. There is a comprehensive range of detection devices, but the choice of detector is critical to ensure that it provides the desired level of protection and is stable in the particular environment. 

This issue has been addressed by a number of groups, including the ANS Scaborg Panel. Their conclusion has been that States should be called on to meet specified minimum standards of physical security, and that their performance in doing so should be monitored by an international authority, preferably the IAEA. Unfortunately, despite the general support for the concept, effective action to implement these recommendations has not taken place. 

The international community has a legitimate interest in the adequacy of national measures to apply effective physical security to avoid theft or seizure of nuclear material by unauthorized subnational individuals or groups. Assurance of this adequacy through IAEA monitoring under an international convention would be a desirable approach. 

Physical Security Shore Station Engineering Design Criteria, (MIL-HDBK-1013/1), (to be published). 

Physical Security - Planning and Requirement Guide. U.S. Army Corps of Engineers, Omaha, Neb, Mar 1987. 

Construction and landscaping should provide appropriate earthquake and storm resistance as well as good physical security. 

Deterrence A countermeasures strategy that is intended to prevent or discourage the occurrence of a breach of security by means of fear or doubt. Physical security systems such as warning signs, lights, uniformed guards, cameras, and bars are examples of countermeasures that provide deterrence. 

Physical security Security systems and architectural features that are intended to improve protection. Examples include fencing, doors, gates, walls, turnstiles, locks, motion detectors, vehicle barriers, and hardened glass. 

Security layers of protection Also known as concentric rings of protection, a concept of providing multiple independent and overlapping layers of protection in depth. For security purposes, this may include various layers of protection such as countersurveillance, counterintelligence, physical security, and cyber security. 

Chemical process security includes, but goes beyond, traditional physical security. Physical security includes such considerations as guards, barriers, surveillance equipment, and other physical system considerations. Physical security is an element of chemical process security, but... 

Effective chemical process security must also consider integration of broader process elements including technology, chemical usage and quantities, procedures, administrative controls, training, and cyber interface with those traditional physical security elements. 

A chemical engineer may have a choice of inherent safety variables, such as quantity stored or process temperatures and pressures, or process safety measures such as emergency isolation valves or containment systems, all of which may greatly reduce the vulnerabilities or the consequences of intentional loss. These are in addition to traditional security measures, which may include physical security, background checks, administrative controls, access controls, or other protective measures. For a more complete discussion of the options, refer to the AIChE Center for Chemical Process Safety Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites and other references.f... 

Threats of Concern Terrorist acts can be the most problematic to defend against since they may be more extreme or malevolent than other crimes focused on monetary gains or outcomes with less malicious intent. Plus terrorists may use military tactics not often provided for in base chemical facility design. Chemical facility security must be considered in context with local and national homeland security and law enforcement activities, as well as with emergency response capabilities. There is a practical limit to the ability of a chemical site to prevent or mitigate a terrorist act. Above a certain level of threat, the facility needs to rely on law enforcement and military services to provide physical security against extreme acts of intentional harm. The security posture must be risk-based, and so extremely robust security measures are not always applicable or necessary. 

In helping to create a consensus set of guidelines, a number of individual and groups provided valuable assistance and review. These include Ted Krauthammer of Penn State, chairman of ACI committee 370 (Short Duration Dynamic and Vibratory Load Effects), Paul Mlakar of Jaycor, chairman of the ASCE Task Committee on Physical Security, and Quentin Baker of Wilfred Baker Engineering. Reviewers included Brad Otis of Shell Oil Company, Al Wusslcr of El Paso Natural Gas Company, and Eve Hinman of Failure Analysis Associates. 

Chapter 5 of the ASCE Physical Security report addresses the various types of glazing materials and staictural components of window frames and should be referred to for a detailed discussion of the topic. 

ASCE Physical Security, Structural Design for Physical Security States of the Practice Report, Task Committee on Physical Security, American Society of Civil Engineers, New York, NY, (to be published)... 

Retrofitting existing structure is discussed in Structural Design for Physical Security Slate of the Practice Report (ASCE Physical Security). Although the blast load is specifically related to external or internal bomb threats, the analysis technique and design approaches for hardening structures are similar in many ways. 

Security breach. Physical security breaches, such as unsecured doors, open hatches, and unlocked/forced gates, are probably the most common threat warnings. In most cases, the security breach is likely related to lax operations or typical criminal activity such as trespassing, vandalism, and theft. However, it may be prudent to assess any security breach with respect to the possibility of attack. 

Conduct physical security surveys and assess all remote sites connected to the SCADA network to evaluate their security. 

Any location that has a connection to the SCADA network is a target, especially unmanned or unguarded remote sites. Conduct a physical security survey and inventory access points at each facility that has a connection to the SCADA system. Identify and assess any source of information including remote telephone/ computer network/fiber optic cables that could be tapped radio and microwave links that are exploitable computer terminals that could be accessed and wireless local area network access points. Identify and eliminate single points of failure. The security of the site must be adequate to detect or prevent unauthorized access. Do not allow live network access points at remote, unguarded sites simply for convenience. 

Again, as shown in figure 9.1, layered security starts with the outer perimeter (the fence—the first line of physical security) of the facility and goes inward to the facility, the buildings, structures, other individual assets, and finally to the contents of those buildings—the targets. 

A hydrant lock is a physical security device designed to prevent unauthorized access to the water supply through a hydrant. It can also ensure water and water pressure availability to firefighters and prevent water theft and associated lost water revenue. These locks have been successfully used in numerous municipalities and in various climates and weather conditions. 

A manhole lock is a physical security device designed to delay unauthorized access to the chemical facility or system through a manhole. 

Some commonly used physical security measures for processing facilities include ... 

Physical Security of Storage Areas and the Processing Facility, 22 Chemical Surety Program, 22... 

Regular safety and routine physical security activities will continue to protect personnel, facilities, and materiel from pilferage, unauthorized use, sabotage, and violation of community rules and regulations by any source, internal or external (U.S. Army, 1995, 2000f). Conceivably, the island could be the target of unauthorized entry and trespassing from the air or sea. Thus, a security presence appears to be warranted until final ownership of the island is established. 

System access security and physical security. Focus primarily on the computer room and any related workstations. 

Physical security primarily the computer room. Access security... 

Physical security of the system is required when it stores data that must be secured. All necessary and reasonable measures of restricting logical access to the system should be instituted to prevent loss or corruption of the secured data. The laboratory must estabhsh a hierarchy of passwords that limit access, by function, to those properly authorized individuals who need such functions in the performance of their jobs. Security must be structured in a way that allows access Copyright 2003 Marcel Dekker, Inc. 

Verify electronic record-responsible persons Verify access and physical security Verify operational checks... 

The physical security arrangements for the hardware must be verified. Critical hardware must be placed in a physically secure area to prevent any unauthorized physical access. 

---