The Physical security design consultants implement a methodological approach as a specialist security design consultant, the earlier method is adapted by DSP Consultants as a specialist security consultant in Dubai. An effective physical security systems design integrates people, procedures, and technology for the protection of the assets against thefts, sabotage, and malicious human attacks. Hence, the physical security designer should weigh the objectives of the physical security system clearly against available resources and then evaluate the proposed design to ascertain how well it meets the objectives of the security program.

A comprehensive security risk assessment is essential prior to design efficient physical security systems. The PSD (Physical Security Design) might waste valuable capital on unnecessary protection or fail to provide sufficient protection at critical points of the facility if a comprehensive security risk assessment is not carried out. For instance, it is probably imprudent to protect employee recreation areas with the same level of protection that a data centre may require. Similarly, maximum security at the main entrance would waste if the entry could also be possible from other unprotected points. As each facility is unique, a proper security risk assessment that evaluates the criticality of assets, threats, vulnerabilities will give a clear picture of risk exposure that gives a baseline for effective physical security system design.

Another important thing to keep in mind is a performance-based system design is always effective than features based system. Because performance-based security systems design provides clear performance measures that can be validated with numeric characteristics for various system components. For instance, a Performance-based systems design allows predicting performance against identified threats in various system effectiveness parameters. In this, we can assess sensors effectiveness under various environmental conditions, video clarity at different illuminating conditions, the response time of guard force etc. This performance-based system is also quite helpful to build the business case to persuade the business leaders to by highlighting clear cost-benefit analysis.

An effective Physical security design should have a process that produces the design as per DBT (Design Basis Threat) and not on mere assumptions or experience of the individual designing the system. Even though there are security risk assessment and system design methodologies available to adapt, the following 3-step methodology suggested by Mary Lynn Garcia was proven its effectiveness over 3 decades at the critical installations.

• Determining PSD objectives
• Design or characterization of PSD
• Analysis and Evaluation of PSD

1. Design Physical Security System Objectives:

In order to develop the objectives, the designer must accomplish three steps. Those are Facility Characterization, Threat Definition, and Target Identification.

• Facility Characterization:

In this step, the designer needs to understand the facility itself. He needs to assess the facility operations, conditions, operating states and the entire layout of the facility such as site boundary, building location, building interiors floor plans, access points, blueprints, process descriptions, health, safety and environmental analysis reports etc. Then he also needs to assess any additional considerations for any operational, safety, legal liability or regulatory requirements while designing PSD.

In addition, a tour of the sites and interviews with the facility personnel will provide necessary info on the effectiveness of any existing physical protection features. Involving all-important stakeholders is also necessary for ensuring the business operations are continued in a secure, safe and efficient environment. As each facility is unique, this process should be followed each time a need is identified.

• Threat Definition:

The second step in determining the objectives is to define the threat. In this step, the designer needs to consider the factors about potential adversaries, their class, capabilities, and a range of tactics. He must collect information about the adversary Class, Tactics, and Capabilities.

The classes of adversary: An adversary can be categorized into three classes - outsiders, insiders and outsiders working in collusion with insiders.

Tactics of adversary: deceit, stealth, force, or any combination in the range of tactics each class of adversary can use to defeat PSD. For instance, Deceit is an attempt to defeat a security system by using false authorization or identification. Stealth is an attempt to defeat a security system by using covert means. (Spoofing or bypassing a sensor). Force is an overt, forcible attempt to overcome a security system,

Capabilities of adversary: The designer needs to identify the most likely threats and should design the system to meet those threats by keeping their capabilities in consideration. For instance, there may be several threats, any given facility can encounter, such as a criminal outsider, disgruntled employee, competitors or some combination. Hence, an effective physical security system must be designed to protect against all of these threats.

• Target Identification:

The final step is to perform target identification for the facility. For, this A thorough review of the facility and its assets should be conducted. This may include identifying critical assets, people, information or critical equipment or processes or reputation anything that could impact business operations. For instance, Determining the negative impact or unacceptable consequence in the event of loss of an asset or sabotage of equipment or interruption of a business process will help identify critical assets, or equipment, or process that needs to be protected.

Once the designer completes these three steps, he can determine the protection objectives of the physical security system. For example, to intercept a criminal adversary with hand tools and a vehicle before he removes finished goods from the shipping dock. The threat definition will depend on target identification and vice versa. Since any facility can have any number of threats, the process of determining objectives will be somewhat recursive and requires assessing the complex relationships among the protection system objectives.

2. Design Physical Security Systems in Dubai:

Once the designer knows the objectives of PSD that is what to protect against whom, the next step is to design the new system or characterize the existing system.

The primary functions of a physical Security system are.

• Detection of an adversary
• Delay of that adversary
• Response by security personnel (Guard Force)

If a new system is to be designed, the designer should better integrate PSD components (people, procedures, and technology) with PSD functions (detect, delay and response) to achieve PSD objectives.

The integration process includes better combining the elements such as barriers, intrusion detection systems, access control systems, video surveillance, communication devices, procedures, and security personnel into a physical security system that can achieve the protection objectives. An effective PSD should meet protection objectives within the operational, safety, legal and economic constraints of the facility.

The designer should also be aware and implement certain important principles during the physical security design and the close associations between detection, delay, and response functions. For instance,

• A physical security system performs better if detection is as far as from the target as possible and delays are as near as the target.
• Detection without assessment is not detection.
• A response Force cannot respond unless it receives a communication call for a response.

The designer should integrate each system component in combinations that complement each other to protect against any weaknesses in the overall PSD.

If the Physical security system already exists, it must be characterized to establish whether it is meeting the protection objectives. If not, it needs to be redesigned.

3. Analysis and Evaluation of PSD:

Once the PSD is designed, it must be analyzed and evaluated to ensure that it is meeting the physical security objectives. To estimate the minimum performance levels achieved by a physical security system more sophisticated qualitative and quantitative analysis techniques can be used. Generally, quantitative analysis will be used in systems that are designed to protect high-value critical assets and qualitative techniques used in systems that are designed to protecting lower value assets. In order to complete a quantitative analysis, performance data must be available for the system components.

The outcome of this analysis process is a system vulnerability assessment which will find that the design effectively achieved the protection objectives, or it will identify weaknesses.

If the protection objectives are achieved, then the design and analysis process is completed. However, the PSD should be analyzed periodically to ensure that the original protection objectives remain valid.

If the PPS is found to be ineffective, the designer needs to redesign or upgrade the initial protection system design to correct the identified vulnerabilities. Then, an analysis of the redesigned system is performed. This cycle continues until the outcome indicates the PSD meets the protection objectives.