PARAS 0014.BlastMitigationStrategies - Finalguidebook
PARAS 0014.BlastMitigationStrategies - Finalguidebook
PARAS 0014.BlastMitigationStrategies - Finalguidebook
Guidebook
Deborah Blass
Arup USA, Inc.
New York, NY
COPYRIGHT INFORMATION
Authors herein are responsible for the authenticity of their materials and for obtaining written permissions from
publishers or persons who own the copyright to any previously published or copyrighted material used herein.
National Safe Skies Alliance, Inc. (Safe Skies) grants permission to reproduce material in this publication for
classroom and not-for-profit purposes. Permission is given with the understanding that none of the material will be
used to imply Safe Skies or FAA endorsement of a particular product, method, or practice. It is expected that those
reproducing the material in this document for educational and not-for-profit uses will give appropriate
acknowledgment of the source of any reprinted or reproduced material. For other uses of the material, request
permission from Safe Skies.
NOTICE
The project that is the subject of this report was a part of the Program for Applied Research in Airport Security
(PARAS), managed by Safe Skies and funded by the FAA.
The members of the technical panel selected to monitor this project and to review this report were chosen for their
special competencies and with regard for appropriate balance. The report was reviewed by the technical panel and
accepted for publication according to procedures established and overseen by Safe Skies.
The opinions and conclusions expressed or implied in this report are those of the individuals or organizations who
performed the research and are not necessarily those of Safe Skies or the FAA.
Safe Skies and the FAA do not endorse products or manufacturers.
AUTHOR ACKNOWLEDGMENTS
Arup would like to acknowledge the following for their contributions in the development of this
guidebook:
• National Safe Skies Alliance’s Program for Applied Research in Airport Security (PARAS),
which provided funding. Particular thanks are given to the program manager, Jessica Grizzle.
• The PARAS 0014 Project Panel Members, who also provided significant review and
contributions.
• The airports who provided invaluable input during interviews to facilitate identification of the
motivation and objective of this research; the direction of this guidebook was shaped, in part,
thanks to their input:
o Boise Airport
o Dallas/Fort Worth International Airport
o Fresno Yosemite International Airport
o General Mitchell International Airport
o Jacksonville International Airport
o Oakland International Airport
o San Antonio International Airport
o San Francisco International Airport
o San Jose International Airport
o Wichita Dwight D. Eisenhower National Airport
• This research was supported by Mark Gardner, Director of Engineering at bmk Engineering,
Inc., who provided constructability review and drafting, cost estimating, and technical writing
support.
• Lastly, this research would not have been possible without the help of Arup’s network of security
designers, aviation security experts, blast engineers, aviation planners, pedestrian modelers, cost
estimators, technical writers, and graphic designers who provided support from around the globe.
Not all can be listed; however, particular appreciation is given to:
o Deborah Blass, Project Manager and Principal Investigator
o Sam Noli, Subject Matter Expert – Blast Mitigation
o Stacey Peel, Project Reviewer and Subject Matter Expert – Aviation Security, Risk and
Compliance
o René Rieder, Jr., Project Director and Subject Matter Expert – Aviation Security
CONTENTS
SUMMARY xi
SECTION 1: OVERVIEW OF GUIDEBOOK 1
1.1 Introduction 1
1.2 Motivation 2
1.2.1 Input from Airports 2
1.2.2 Gaps in Current Guidance 6
1.3 Guidebook Objective 8
1.4 Application 8
SECTION 2: BACKGROUND INFORMATION 9
2.1 Basic Principles of Blast Loading 9
2.2 Historical Explosive Events and Future Trends 11
2.2.1 Istanbul Atatürk Airport 11
2.2.2 Brussels Airport 12
2.2.3 Madrid-Barajas Airport 13
2.2.4 Other Notable Incidents 14
2.2.5 Example Explosive Sizes in Historic Attacks 15
2.2.6 Evolving Threats 15
2.3 Introduction to Technical Blast Concepts 16
2.3.1 Design-Basis Threat 16
2.3.2 Performance Criteria 17
2.3.3 Expected Damage 19
2.4 Introduction to Blast Analysis 22
2.5 Design and Procurement of Blast-Mitigation Measures 25
2.5.1 Roles during the Design Process 25
2.5.2 The Procurement Process 27
SECTION 3: COMPLIANCE AND RISK-BASED REQUIREMENTS 29
3.1 International Requirements and Risk-Based Approach to Non-Secure Area Security 29
3.2 The Risk Assessment Process 31
3.3 United States Compliance Requirements 33
3.4 Note about Blast Risks 33
SECTION 4: MITIGATION MEASURES 34
4.1 Physical Measures 36
4.1.1 Reinforced Concrete Detailing 36
4.1.2 Structural Steel Detailing 38
4.1.3 Progressive and Disproportionate Collapse Resistance 39
4.1.4 Facade Measures 42
4.1.5 Vehicle Security Barriers 48
Table B-8. Individual PBIED Mitigation Measures Considered at the Example Airport B-11
Table B-9. Example Scoring of Mitigation Measures Against Proposed Security Metrics B-12
Table B-10. Mitigation Measures and Listed Annual Financial Cost B-12
Table B-11. Assessment Summary of A, B, C, and D Mitigation Combinations B-13
Table B-12. Summary of Selected Combination Measure (Combination B) B-13
SUMMARY
This guidebook facilitates the implementation of effective blast-mitigation strategies in non-secure airport
areas to reduce risks of explosive attacks. Certain solutions may be effective at one airport but not at
another. Each airport faces unique constraints, such as different vulnerabilities and risks, and varying
sizes and financial capabilities. Therefore, this guidebook is not prescriptive but instead provides a
process by which airports can implement the most appropriate strategies. A holistic approach is taken to
determine risk-reduction measures, whereby a balanced security strategy is achieved by combining
physical, technological, and operational solutions.
1.1 Introduction
Arup USA, Inc. (Arup) was contracted to develop this guidebook addressing blast-mitigation strategies
in non-secure areas of airports by National Safe Skies Alliance, Inc. through their Program of Applied
Research in Airport Security (PARAS).
This guidebook helps professionals involved in airport design and operations develop blast-mitigation
strategies customized to their specific risks, contexts, and needs. The aim is to answer the following
question: How can I mitigate the blast risk at my airport?
This guidebook covers several aspects of effective blast mitigation strategies in detail:
As mitigation measures are considered, a risk assessment will help decision-makers understand the risks
unique to the airport and site and, therefore, develop targeted and proportionate measures. Measures
must also be compliant with relevant legislation.
After airports have gone through the measure-selection process, residual risks should be evaluated in
accordance with the risk-assessment process.
Unless otherwise stated, the terms “risk-reduction measures” and “security measures” refer collectively
to nonspecific measures and may include operational, physical, design, or technology security measures,
e.g., guards, bollards, standoff distance, or CCTV, respectively. Where reference is specific to the blast
threat and risk, the terms “blast protection” and “blast-risk-mitigation measures” will be used.
1.2 Motivation
This guidebook was created to address challenges faced by airports in implementing blast protection. As
part of the development of this guidebook, Arup interviewed airport professionals and undertook
research to identify existing gaps in currently available guidance.
The information obtained from interviews and gap-analysis research influenced the objective and
intended application of this guidebook.
PROJECT IMPLEMENTATION
Several of the individuals interviewed have had experience incorporating blast-mitigation strategies at
their airports, ranging from structural hardening to operational measures. Almost all were confident that
the airport’s security team would be involved in new projects at their airport and could therefore request
the consideration of blast mitigation. However, if the security department were not as active in the
project planning process, its input could be overlooked or incorporated late in the process. To ensure a
cost-efficient and effective security outcome, airport security departments must proactively participate in
the early stages of project planning.
Interviewees consistently suggested that to determine design-basis threats, airport security stakeholders
(e.g., law enforcement, Transportation Security Administration [TSA], Federal Bureau of Investigation
[FBI], private security, and corporate security) should gather intelligence, determine the threat, and
identify the assets that require protection. Most airports did not have a pre-existing threat or risk
assessment. Almost all interviewees noted that it was difficult to determine how exactly to protect
against those identified threats and what level of blast protection was required. They stated that the
ultimate decisions regarding blast-protection measures are made by the senior management on the
airport board, the chief airport operator, or similar high-level executives; these positions have the
authority to make risk-based financial decisions, which are otherwise unregulated. The involvement of
the security team in decision-making varied from nonexistent, with decisions made in a private meeting
without security’s involvement, to significant, with decisions heavily influenced by security.
Just over half of the airports interviewed have taken proactive steps to evaluate vehicle-borne
improvised explosive device (VBIED) and person-borne improvised explosive device (PBIED) threats
to their airports from physical and design perspectives:
• Some integrated blast-protection measures into their design, based on the airport
owner/operator’s decision to follow recommendations made by their blast consultant.
• Some excluded blast-protection measures from their design, based on the airport
owner/operator’s decision to follow the blast consultant’s recommendation that physical
protection is not necessary, for example, due to large standoffs (i.e., distance between vehicle
access and terminal buildings) or robust structures.
• In all cases, the blast-protection studies were incorporated as part of another capital project, such
as a terminal renovation, that was not initiated with the objective of providing blast protection.
Although the interviewees were generally familiar with the PARAS 0004 document, Recommended
Security Guidelines for Airport Planning, Design, and Construction (formerly issued by TSA under the
same name), it does not appear to be used frequently by the airports interviewed. A few individuals
stated that the architects or designers on the planning team used this document on projects. One airport
noted that to understand the application of current best practices, the airport sends a representative to
other airports around the world.
Another airport said that although the budget is always considered, the primary concern at their airport is
to implement strategies to fix identified problems; however, when it comes to blast mitigation, the
airport is unsure how to clearly identify the problem or determine whether there even is a problem.
Some individuals suggested that the incorporation of security measures is dependent on the CEO or
COO, and that some CEOs put greater emphasis on security than others. In summary, there is variability
among airports regarding the need to include or prioritize blast mitigation in their projects.
CURRENT MITIGATION STRATEGIES
The airport representatives interviewed were overwhelmingly dissatisfied with the amount of currently
available information and guidance resources relevant to blast mitigation. However, there was some
consistency in the risk-mitigation measures being considered by most airports:
• Law enforcement patrols in and around terminals to look for suspicious packages and persons
• Hostile vehicle mitigation measures at doorways along the landside curb
• Police presence in terminal front of house (FoH) and at curbside to deter aggressors
• Random canine patrols through the terminal FoH and parking garages
• Landside vehicular traffic controls (passive and active)
• Landside loading dock deliveries scheduled and received by the expecting entity; otherwise, they
are turned away
• Video surveillance coverage; however, this is mostly used for post-incident investigation, as not
all coverage is actively monitored (too many cameras, not enough people for active monitoring)
• Recurrent training for all airport employees, including for non-security personnel, such as
incident response and reporting of suspicious activities
• Plans and procedures to achieve greater standoff to vehicles during elevated threat levels
• Contracted security services to monitor areas like parking garages and loading docks (medium
and large airports only)
One of the medium-sized airports interviewed is implementing additional measures beyond those
typically adopted, including visual explosives screening of all trucks going to the loading dock prior to
their admittance near the terminal, new blast-designed facade, video analytics to detect suspicious
packages and vehicles, and headway bars to limit the size of vehicles allowed to approach the terminal.
These measures have been implemented as a direct result of recommendations made by a consultant.
However, a risk assessment was not undertaken to determine these measures.
In a heightened threat condition, most airports interviewed have a plan in place that involves
coordinating with TSA and law enforcement to reroute vehicle lanes to achieve more standoff to the
terminal, restrict parking to certain areas, and perform vehicle inspections (a TSA requirement for a
number of airports). Additionally, most airports will provide increased police presence in the non-secure
areas of the airport during elevated threat levels.
• Buy-in by decision-makers
• Costs of the measures
• Lack of clarity in determining what measures are needed and where
Every airport interviewed made a direct or implied reference to all three of these challenges.
BUY-IN AND RESOURCE ALLOCATION
Blast-protection measures are not typically considered a high enough priority for a budget to be
allocated, with many airports noting passenger experience (e.g., murals, terminal cleanups, etc.)
initiatives being prioritized over security investment, including blast protection. Additionally, one
airport noted that it was difficult to get the planning department to focus on relatively small-scale
projects such as blast protection when they are often focused on large (e.g., $20-30 million) capital
projects.
One airport highlighted that the project funding source influenced the prioritization of resources. For
example, projects funded by grants—e.g., apron and taxiway rehabilitation, erosion control and drainage
improvements, or taxiway lighting—were given resource-allocation priority compared with revenue-
funded projects such as terminal expansion/renovation (which would include blast protection).
Buy-in by decision-makers was cited as the biggest challenge for one airport, with another airport stating
that understanding the risk was the greatest challenge to establishing buy-in: it is difficult to justify
capital investment to mitigate something “that may never happen.” This was underscored by another
airport’s observation that the Brussels Airport attack (March 2016) influenced their ability to secure
investment because the event happened to occur at the same time they were seeking funding.
The need to ensure compliance with regulations appears to have an influence on securing buy-in. One
airport noted that at the time of their terminal reconstruction, the now-retracted “Special Category
Airport 3,” also known as the “300-foot rule,” was being publicized by the TSA, and it was therefore
easier to secure funding for a blast study.
COST OF BLAST PROTECTION
In general, airports reported the high cost of incorporating blast protection as a major challenge. The
following examples were cited in the interviews:
• One airport discovered partway through a glass-facade-strengthening project that in order to gain
the greatest security value from a blast-protection investment, strengthening the terminal’s
support structure and columns would also likely be required. This type of unexpected and costly
upgrade underscores the “excessive” cost perception of blast protection.
• One individual mentioned that their airport had studied what was required to protect against a
van or car explosive adjacent to the terminal and deemed the cost “ridiculous.” This view and
lack of understanding of the risk further reduced the credibility of blast protection as a valid
security measure.
• The level of revenue (investment source) relative to the cost of blast protection, including expert
advice/consultancy and the measures themselves, is significant at smaller airports; the money is
simply not available.
• One airport noted that blast protection is an “afterthought” in capital projects, resulting in it
becoming even more costly and then “nobody wants to do it.”
• One airport noted that achieving certain protection measures, such as obtaining greater vehicle
standoff and separating the loading dock from the terminal, requires large-scale changes to the
existing airport configuration that are neither economically nor operationally feasible.
Several airports cited cost as the overall biggest challenge to implementing blast-protection measures.
This perspective highlights the implications associated with not having a risk-based security culture.
Without an understanding of what blast-protection measures buy in terms of risk reduction (or return on
investment), blast-protection measures are viewed only as a cost. This guidebook aims to help airports
realize the value achieved by introducing various blast-protection measures, using a risk-based
approach.
PERCEIVED AMBIGUITY IN GUIDANCE
Ambiguity about which guidance to follow, what measures to implement and where, and what scale or
level of protection should be implemented was cited by at least one airport as the single biggest
challenge in incorporating blast protection.
The interviews indicate there is a perception that blast-protection measures are best determined by an
external entity or authority, particularly in an unregulated environment such as landside. This leads to
confusion about which guidance to follow, since any guidance documents available on the topic only
make recommendations, which do not have the authority of requirements. Furthermore, due to the site-
specific nature of security risks, the information varies among the available guidance.
Generally, because the airports do not understand what level of risk or protection they should be
pursuing, they do not know which guidance and measures to adopt. Some airports have used expert
advice from consultants, but the value of the investment is not always recognized throughout the
organization due to the absence of a risk-based culture.
Another consistent desire among the airports interviewed was for an external authority to determine
measures and clearly communicate those through authoritative guidance.
The information currently available about risk assessment provides airport owners and operators with
clear guidance on the risk-assessment process. However, the guidance is limited to conducting the risk
assessment and does not extend to guidance on mitigating the risk, i.e., how to determine which
measures to use to mitigate which risks, how to determine an acceptable level of risk reduction, and how
to measure the effectiveness of measures in reducing risks, either on their own or in combination.
Regarding blast protection, there is little guidance on the level of protection that should be achieved.
This is to be expected given that the risks and risk appetites are different for each airport, and therefore
the level of protection will be unique to each airport.
The literature review conducted in the process of developing this guidebook found that there is little
discussion of the non-security impacts of implementing various blast-mitigation measures (both positive
and negative). These include airline and airport operational disruption during implementation, influence
on architectural objectives, operational changes required to facilitate implementation/operation and
maximize the security value of measures, supporting infrastructure changes required to facilitate the
implementation/operation, and indirect benefits of blast-protection measures. Examples include the
following:
• Establishment of standoff may require rerouting of approach roads and may influence parking
design or result in greater walking distances for passengers.
• Retrofitting of facade glazing for resilience requires the deployment of scaffolding or temporary
closure of terminal areas, which could affect passenger experience and airline operations.
• No-parking zones in front of the terminal help improve traffic efficiency in passenger pick-up
and drop-off zones.
• Reducing queuing times improves the passenger experience and increases the amount of time
passengers spend on the airside, where they are likely to make purchases.
1
Except Singapore, which recently passed the Infrastructure Protection Act of 2017, mandating that blast be considered.
2
Annex 17 Standard 3.1.3
3
Annex 17 Standard 4.8.2
4
Annex 17 Standard 4.8.1
• Blast-mitigation requirements may influence the use of particular materials, and the shapes and
sizes of various terminal elements, which may impact architectural objectives.
• Changes to screening, resourcing, and training may impact both airport and airline employees, as
well as passenger experiences.
Selection of security measures should consider all implications, not just a measure’s ability to mitigate a
security risk. This is particularly relevant when comparing different measures available to reduce the
same risk, e.g., standoff versus structural strengthening. There is, however, little guidance available to
assist with this important process. Further, little to no cost information is made available to airports to
enable them to assess and compare the whole-of-life cost—capital and operating cost—of specific
security measures.
The most widely available guidance documents regarding blast protection are specific to typical building
structures. Variations in airport structures can be significant for large airports such that the specific
building requirements in these guidance documents are not entirely applicable. Additionally, there is no
guidance available relating to nonbuilding areas within airports, such as bus stops or fuel farms.
The Federal Highway Administration’s (FHWA) Bridge Security Design Manual (June 2017), can be
used for the design of elements such as raised roadways common at airports. However, the FHWA
document, along with many others (e.g., American Society of Civil Engineers (ASCE) 59-11 Blast
Protection of Buildings or Unified Facilities Criteria (UFC) 3-340-02 Structures to Resist the Effects of
Accidental Explosions), is intended for a highly technical audience of specialist engineers. The contents
are largely incomprehensible to anyone without significant structural design engineering experience.
Design according to such standards also remains somewhat prescriptive. While blast-resistant design is
often identified as a branch of performance-based design, standards such as ASCE 59-11 require the end
user of a building to make judgments about the anticipated threat size and desired level of performance.
Often such end users are unaware of or lack experience to understand the choices they are being asked to
make and the potential outcomes (e.g., costs or aesthetics) of their decisions. It is often difficult for
organizations to retain experience or knowledge in this area because blast is typically considered only
when assets are built, replaced, or substantially refurbished.
Blast-resistant design requires a holistic approach that demands input from a wide range of individual
specialists including but not limited to threat and risk, airport operations, architectural, project
management/delivery, airport security operations, communications/IT, quantity surveying, and various
engineering disciplines. Despite this multidisciplinary need, guidance tends to be targeted to risk
assessments and structural engineering, without reference to this broader input.
Also neglected in many industry guidance documents is the importance of recovery and reinstatement of
services following a blast incident. While the documents above reference business-continuity objectives,
these are typically ill-defined. The dominant feature of the blast-specific design and guidance documents
reviewed was an emphasis on structural and facade performance—critical building services were often
referenced only with regard to their physical hardening or placement to reduce exposure to blast effects.
Assessment of the consequences of blast effects on services is not well-defined. Furthermore, despite
significant law enforcement agency needs following a blast (e.g., time and access control for forensic
investigation), there is little to no general guidance available for the industry to draw on to inform their
business-continuity planning.
• Physical factors (e.g., structural and facade hardening, vehicle barriers, etc.)
• Technological factors (e.g., CCTV and analytics, etc.)
• Operational factors (e.g., canine patrols and behavioral detection officers, etc.)
• Architectural layouts (e.g., crowd management, etc.)
The guidebook does not attempt to replicate specific guidance such as risk assessment or structural
engineering specifications that are already available. Rather, it clarifies their application in the context of
blast mitigation. Since each airport has a unique combination and configuration of size, landside assets,
risk profile, and risk appetite, the guidebook does not prescribe particular measures. It is designed to
apply to airports of all sizes and addresses risks associated with all non-secure areas. The guidebook also
draws upon previously published information, such as the PARAS 0004 document.
As confirmed by the interviews, airports rely heavily on the technical design community, such as
architects, to determine security measures. Therefore, this guidebook is also intended for use by
designers including architects, planners, and engineers who may be working with airport security
stakeholders or airport owners on a project that requires blast protection.
It may not always be obvious when a blast strategy is required—some projects inadvertently introduce
or increase security risks without any defined security scope. This further underscores the need for a
security risk assessment and early consultation with the airport’s security team in any capital project.
1.4 Application
The guidebook is intended for professionals involved in determining blast-protection measures at
airports. This includes airport owners and operators as the ultimate security-risk owners; airport security
managers who facilitate the implementation of risk-mitigation measures; and the design community,
such as architects, engineers, and planners. The guidebook is applicable to all airports in the United
States. Although not every strategy will be applicable to every airport, the guidebook is designed to help
airports evaluate whether each strategy is applicable to their specific contexts.
This guidebook should be reviewed before the start of any new landside facility, security, transportation
planning, or construction project for awareness of potential project implications. It should be used as a
reference for the basis of design during the course of any applicable landside projects. In a request for
proposals, an airport can require that this guidebook be used as a security reference.
This section provides information to improve baseline knowledge about blasts, including the following:
• The basics of blast loading and analysis to help users understand why and how certain
mitigations may work
• A review of historical attacks, including means and methods, and the implications associated
with certain mitigation measures
• Examples of blast threat sizes and the damage that could be expected as a result of those threats,
to provide airports with a greater understanding of the risk management and acceptance process
in the blast context
The blast wave creates a short-term pressure on any surface it encounters. The surface could be an
exterior building facade, an interior structural column, or a person. It is essentially a very high wind load
for a very short period of time. Typically, the duration of a sustained wind gust is up to 20 seconds. A
typical blast load duration is less than 20 milliseconds, or less than 0.1% of the duration of a sustained
wind gust.
Blast loading is expressed in terms of pressure, time duration, and impulse. The pressure is expressed in
terms of psi (pounds per square inch) or psf (pounds per square foot) and defines the peak magnitude at
which the blast wave impacts the surface. Blast-designed facades are typically designed for blast
pressure in the 4 psi to 10 psi (576 psf to 1,440 psf) range. A typical exterior facade for wind is designed
for a continuous load of 30 psf to 35 psf.
Time duration is expressed in terms of msec (milliseconds) and defines how long the blast wave is
impacting the surface. Typical building facades are designed assuming the pressure reduces to 0 psi at
the end of the time duration. The impulse is expressed in terms of psi-msec and accounts for the total
energy impacting the facade based on the peak pressure and time duration. Higher pressures and longer-
duration events increase the total energy.
There are three main variables in determining the magnitude of the blast load at any given surface: size
of the threat (explosive type and size), standoff (distance from threat to surface), and line of sight (angle)
from threat to surface. The standoff distance plays a key role in the blast loading, as the total energy in
the blast wave is directly proportional to the standoff. If the standoff is doubled, the impulse is reduced
by about 46%. The other design-controlled variable is the line of sight from the threat to the surface. The
worst-case scenario is that in which the surface is perpendicular to the blast wave, creating a fully
“reflected” pressure loading. If the threat can be restricted to an angle (say, 45 degrees), the impulse is
reduced about 15% as it creates a “side-on” loading.
See Figure 2-1 for a simplified picture showing standard design conditions. The threat (truck) is located
on the roadway with a standoff from the threat to the building facade. The building facade depicts the
intensity of the blast wave on the facade’s surface, with a higher magnitude at the base and a smaller
magnitude at the upper levels, as the distance away from the threat increases. In the blast engineering
industry, the threat is typically specified in pounds of trinitrotoluene (TNT). Conversion factors for other
types of explosives to TNT equivalence are available in various blast engineering references such as
ASCE 59-11 and Blast Effects of Buildings by Cormie, Mays, and Smith (2009). More information
regarding typical explosive sizes are presented in Section 2.3.
When a threat is in a confined space, such as a lobby or mail room, the blast pressure is confined, which
increases the total impulse on surrounding surfaces. The blast wave will reflect off adjacent walls and
increase the time duration a surface experiences the blast load. Typical blast-protection measures for
confined spaces include pressure relief panels or walls that are designed to fail and alleviate the other
walls from the blast load.
After the initial blast wave, a vacuum is created that will almost immediately refill itself with the
surrounding atmosphere. This creates a very strong negative pressure on the surface. This negative
pressure can minimize debris propelling into occupied space but is hard to accurately predict. Because of
the large unknown, this negative pressure is ignored during design to produce a slightly conservative
design solution.
Most facade systems are designed to resist the impulse as the controlling factor; therefore, increasing
standoff or changing the line of sight will reduce the total energy the surface must absorb.
After a blast wave strikes a surface or body, high-velocity shockwaves will continue to pass through the
surface or body. These shockwaves carry energy through the surface. If the individual surface elements
are unable to resist these waves, these elements will either break apart and become flying debris or
structurally fail, causing major damage to the surrounding area. In people, the shockwaves will travel
through internal organs and tissues, causing severe damage. Any flying debris could also cause
lacerations and other injuries to anybody inside the buildings. Flying debris is the leading cause of
injuries in a blast event.
Additionally, when a bomb explodes, the bomb casing and any additional shrapnel (nails, screws, or
other items included in the bomb) will be violently propelled outward and away from the explosion at
extremely hazardous speed. This fragmentation from the bomb casing and its shrapnel is referred to as
primary fragmentation. When these fragments strike buildings, concrete, masonry, glass, and other
facade elements, they may fragment even further and cause even more damage. This is known as
secondary fragmentation.
Lastly, the explosion may also create a fireball and high temperatures, which could result in burns on a
human body or cause secondary fires, depending on whether other fuel sources or flammable materials
are located near the source of explosion. Fire and heat are often mistakenly interpreted to cause the
major damage in a blast event; however, the damage described in the paragraphs of this section is
primarily due to the pressurized air—the blast wave.
thought to be a direct result of interventions by law enforcement agencies, which had the effect of
reducing the impact of the attacks planned.
The attack resulted in the deaths of 45 people and injured at least 239 others.
The attackers were collectively armed with at least one automatic weapon (AK-47), a handgun, and two
grenades. Additionally, each attacker carried a PBIED hidden in a vest. It appears the attackers timed the
start of their attack on the terminal screening checkpoint to coincide with iftar, the evening meal that
marks the end of each day’s fast during Ramadan, most likely in an attempt to catch airport police and
security personnel off-guard. Because the event also coincided with a change of shifts, airport security
managers were able to deploy additional staff at extremely short notice. The gun attack on the screening
checkpoint lasted approximately 10 to 15 minutes. The entire duration of the attack was approximately
45 minutes.
No significant structural damage was caused by the incidents; however, some non-structural elements
were damaged, creating debris in the terminal.
The airport was closed for several hours after the attack. The next morning, incoming and outgoing
flights were operating, though some were canceled or delayed.
The attackers at Brussels Airport utilized automatic weapons and IEDs packed with nails concealed
within two suitcases. One exploded at check-in row 11 on Level 3 of the Departures Hall and the second
exploded at check-in row 2 in the Departures Hall. Gunfire from automatic weapons (probably AK-47
assault rifles) prior to the explosion was reported. At least 13 people were killed in the explosions and
more than 80 injured. A third unexploded IED was discovered and disposed of by security forces in a
controlled detonation.
The locations of the explosions in the terminal building suggests that the attackers may have tried to use
a pincer-style attack by detonating one device, causing the crowd to run, and then using a second device
in the midst of the fleeing crowd. This suggestion is supported by the fact that the IEDs were packed
with shrapnel and partially explains the high number of injuries relative to fatalities.
The attack at Maelbeek Metro station involved the manual detonation of an IED in a train carriage as the
train ran along the platform at Maelbeek station. The explosion killed at least 15 people and injured
more than 170 others. The source of the explosion is suspected to be a belt device worn by the bomber.
Maelbeek station is in central Brussels and serves as a transport hub for several European Union
administration buildings.
All IEDs used in the attacks are suspected of being composed of triacetone triperoxide (TATP), a highly
unstable homemade explosive. TATP has been used by terrorists inspired by Daesh.
The blast did not cause structural damage to the terminal building, but non-structural elements suffered
damage, such as the suspended ceiling at some locations within the terminal.
The airport was closed after the attacks, and flights were diverted to other airports. On April 3, flights
began resuming. As a response to the attack, an extra 1,600 police officers were deployed to train
stations, airports, and border crossings.
Figure 2-3. Damage after the Madrid Airport Bombing Resulted in Demolition
Figure 2-4. Timeline Showing Approximate VBIED Explosive Sizes for Significant Events
in Pounds of Equivalent TNT
Oklahoma
City:
4,000 lbs
Marriott
Beirut St. Mary Axe,
Hotel,
Embassy: London:
Jakarta:
2,000 lbs 800 lbs
480 lbs
Manchester
City Center:
1,800 lbs
such as common chemicals, as precursors to manufacture explosives. Although legislation has been
considered to restrict access to these chemicals and some has passed, it is not effective and is not
expected to remove all chemicals that may be used to make explosives from retail shelves. Where
legislation is not successful, increased information-sharing between intelligence agencies, law-
enforcement, and first responders is recommended to help disrupt the process of bomb makers.
Because terrorist events are unpredictable and data about historic events is limited, it is not possible to
accurately quantify the savings achieved from blast-mitigation strategies. Although there is merit in
making it more difficult for terrorists to achieve their objectives, intelligence suggests that IED attacks
will continue and evolve in regard to both composition and method of delivery, the latter in order to
attempt to bypass security measures. Implementing blast-mitigation strategies, therefore, may not be
able to prevent all attacks, but an achievable objective is to reduce the likelihood and severity of such
attacks.
low, particularly in regard to impacts from shrapnel; a blast engineer/consultant will be able to make
estimates to define the DBTs appropriately. If a type of explosive other than TNT is specified, data from
various reference books can be used to convert the explosive to its TNT equivalent. One such reference
is Blast Effects on Buildings, 2nd edition, by D. Cormie, G. Mays, and P. Smith (2009).
To determine the standoff, the means and methods of the attack should be considered to identify specific
locations where the origin of detonation may occur. These details may be developed through conducting
a threat, vulnerability, and risk assessment (TVRA). A TVRA is a risk assessment and threat
identification exercise that identifies the most credible level of threat to which an asset, such as a
building or parking garage, may be vulnerable. This assessment is usually led by a security consultant
with expertise in understanding the current threat trends and recent attacks. To ensure the TVRA
captures the full spectrum of potential threats and all the development vulnerabilities, it is imperative
that all project stakeholders and relevant design disciplines attend the workshop or consultation. This
type of workshop can be hosted and facilitated by a blast engineer/consultant with aviation experience.
Table 2-1 provides benchmark DBTs based on Arup’s global experience in blast mitigation of airports.
VBIED PBIED
Charge Charge
Standoff Standoff
Weight Weight
(feet) (feet)
(pounds) (pounds)
200 100 10 3
500 100 25 3
1,000 100 50 3
2,000 100 75 3
2,000 150 100 3
2.3.2.1 Background
The objectives of existing guidance are best summarized by Chapter 3.2 of ASCE 59-11, which is a
technical reference for blast mitigation, primarily focused on structural hardening:
• Limit Structural Collapse. All structural elements shall be designed and detailed to respond in
a manner consistent with the defined level of protection to the direct and indirect effects of the
specified explosive threats in accordance with this Standard. When these blast effects are
expected to cause plastic hinging or localized failure of individual structural elements, the
damaged state of the structural system as a whole shall be evaluated to verify that global stability
is maintained.
• Maintain Building Envelope. All exterior structural and nonstructural elements, including
openings, shall be designed and detailed to reduce the potential of a breach that would allow the
overpressures from the specified exterior explosive threats to enter the interior of the building,
consistent with the defined level of protection. For facade components, including windows and
doors, both resistance-based and hazard-based design approaches shall be acceptable.
• Minimize Flying Debris. Barriers, site furnishings, landscaping features, and structural and
nonstructural elements, including exterior openings such as windows and doors, and interior
overhead mounted items, shall be located, designed, and detailed to reduce the potential for
producing hazardous secondary fragments due to the specified explosive threats, consistent with
the defined level of protection.
These objectives relate principally to the design (hardening) of building structures and are substantially
(although not exclusively) related to the design of such structures to resist vehicle-borne attacks or
attacks specifically targeted at the building structure.
This is often specified as a “level of protection.” Examples of level-of-protection tiers are specified
within ASCE 59-11, as described in Table 2-2 and shown in Figure 2-5.
ASCE 59-11
Level of Description of Performance Expected Structural Damage
Protection
Source: Arup
Although the wording to define a particular tier of performance may vary among industry guidance
documents, the principle of performance criteria is the same. Performance criteria or objectives can be
defined in accordance with any applicable document, or even modified as required to meet owners’
needs.
standoff, and reasonable mitigation measures. The graphic focuses only on facades and columns, which
generally are the most critical components for blast mitigation.
The curves represent the applicability of various types of enhanced measures, showing what can be
reasonably achieved in terms of threat size and standoff. The area under the curves represents the
scenarios whereby such a measure would not typically meet a reasonable performance. For example, it
is not generally commercially feasible to mitigate high threat sizes at relatively low standoffs while still
maintaining a high level of protection. This graphic is indicative only and is aimed at providing context
for decision-makers in the early stages of a project. Further information on the construction details
shown can be found in Appendix D.
Source: Arup
Blast analysis is a unique subset of structural engineering. When a structural engineer designs a
structure, they are designing a building to last over time without any damage. A blast analysis is
designed typically to protect the facade and structure enough for people to evacuate the building;
however, it is expected that major reconstruction will be required after an event. In this situation, the
blast analysis is allowing certain failure under this unique scenario, while the structural engineer is
designing for no failure under conventional load scenarios (wind, snow, etc.)
Blast analysis is typically required when either of the following takes place:
The first step is to calculate the applied pressure on the surface to be analyzed. As discussed in Section
2.1, there are three parameters needed: threat size, standoff, and line of sight. With this information,
several computer programs can be utilized to calculate the blast loading profile: pressure, impulse, and
time duration. See Figure 2-7 for example output.
Source: Arup
The second step in the analysis is to perform preliminary calculations based on design parameters from
other design professions. For example, the blast engineer will work with an architect on the facade
system: glass size, mullion spacing, and the supporting structure. Once these parameters are understood,
a single degree-of-freedom (SDOF) analysis is performed. SDOF takes a complex analysis and
simplifies an element into a mass (weight of member) and spring (strength of the member).
See Figure 2-8 for a depiction of the mass-and-spring concept. The blast load [p(t)] is applied to the
mass (m) and the deflection of the spring (k) is calculated. The deflection is the maximum distance the
blast load was able to pull the mass based on the resistance strength of the spring. That deflection is then
compared to an allowable deflection, based on the design criteria, to determine if the member (i.e., its m
or k) needs to be enhanced.
Upon completion of the preliminary calculations, it is likely that some changes to the design need to be
made. This could be as simple as providing a cost-effective enhancement—heavier beams or thicker
glass. However, sometimes the designing engineer needs more of an in-depth study on the overall effect
of the analysis on the project. If a cost-effective design solution is unachievable, the team can reevaluate
some of the initial assumptions in the design. This could include the standoff, threat size, level of
protection, etc.
Depending upon the project site, gaining more standoff might not be achievable without major
alterations to the design or function of the facility, especially in existing facilities. Increased standoff is
typically incorporated by adding curbs or vehicle barriers. In any project condition, increasing standoff
is difficult, as land is a valuable commodity in any design. However, it can be a key aspect to the design
and aid in significantly reducing hardening costs to the facility.
During this design process, if warranted, a more detailed analysis could be performed above the SDOF.
These processes take additional engineering time but may result in an overall cost savings to the project.
The most common analysis is multiple degree-of-freedom (MDOF). In this approach, the SDOF model
is applied in a series of elements. For example, the analysis is first performed on the glazing, which will
result in some absorption of the blast load. The glazing reaction is then applied to the mullion, so the
mullion resists less energy than if analyzed as a SDOF element. See Figure 2-9 for an example of
MDOF.
Lastly, the most detailed analysis is a finite element analysis (FEA). In a finite element model, the
member to be analyzed is subdivided into much smaller, simpler parts called finite elements. Then, the
simple equations that model these finite elements are assembled into a larger system of equations that
models the entire member. Although more time-intensive, FEA is typically required when complexities
exist, such as close-in detonations, curved or atypical geometries, or a need to understand details of
performance.
Figure 2-10. Finite Element Analysis
Source: Arup
Upon completion of the analysis, the last step in the design process is to incorporate all the blast design
requirements into the construction documents. Most of the structural items such as slabs, beams, and
columns are incorporated into the construction documents’ drawings. Non-structural items like
windows, precast panels, etc. are incorporated into the construction documents’ specifications.
The need for a blast-mitigation strategy may not be immediately obvious, as some projects inadvertently
introduce or increase the risk to the airport even if there is no apparent security scope. For example,
changing the design of an approach road could inadvertently increase the attractiveness of a building as
a target, or the road design could allow for increased vehicle speed and therefore greater consequences
in the event of a penetrative VBIED attack.
The aim of retaining a threat and risk specialist as well as a blast engineer or consultant is to achieve the
following key objectives:
1. Seek expert advice in identifying the real and credible threats, vulnerabilities, and risks of the
asset in consideration. This facilitates evidence-based understanding of the risks, therefore
allowing objective allocation of limited resources.
2. Reduce cost through use of limited resources targeted to the airport’s unique risks, thus avoiding
one-size-fits-all security measures, which can result in wasted resources or counterproductive
measures.
3. Facilitate continual and informative engagement between the client stakeholders, designers,
security consultants, law enforcement, and other relevant stakeholders.
4. Improve security by helping clients and designers mitigate the risks of a blast threat. This
includes advising the client on feasible physical mitigation measures, and often is followed by
blast analysis to design the measures. Although the blast consultant traditionally specializes in
physical measures, in collaboration with a security engineer, technological or operational
measures can also be identified where they should be incorporated to supplement physical
measures.
The advice from the specialist will initially help the client assess the real and credible threats and the
corresponding risks posed. Unfortunately, not all threats can be eliminated, but in many cases the risks
can be managed and mitigated through physical protective measures and targeted use of limited
resources.
Apart from providing expert advice and assisting in eliminating or mitigating the blast threats, a blast
engineer/consultant can also be sought to bring the project cost down by helping the clients and
designers understand the project’s real threat and produce a final design that is neither under- nor
overdesigned. Moreover, early engagement can flag security issues that may be easily solved during the
early phases of a project, potentially through other design disciplines, such as landscape architecture and
surface transport design.
Table 2-3 shows the design and construction timeline airports should follow for incorporating blast-
mitigation measures in design projects from initiation, through planning and development, to
implementation in construction. Continual engagement between airport stakeholders, designers, and the
blast consultant throughout the process is necessary. The benefit of spending this additional time can be
difficult to perceive, but it is instrumental in delivering a successful security strategy with measures that
are utilized effectively.
Depending upon the potential staging of the work to keep most of a facility open, the proper restrictions
need to be adequately conveyed to the contractor facilitating the work. This would include noise and
time restrictions. If the work is going to occur only at night or during off hours, this will have to be
indicated because exterior work becomes more challenging without adequate lighting and additional
construction lights would be required. Subject to the location of lighting, this may have flight operations
implications. Additionally, it may influence the security risks to the airport, and this will need to be
mitigated accordingly (e.g., works that straddle the airside-landside boundary are most likely to require
additional guarding resources for supervision and inspection purposes).
If certain clearances and daily screening are required, this must be properly specified. For example, if
the contractor must plan over 30 minutes just to mobilize every day to get through screening and onto
the construction side, this needs to be conveyed to avoid additional costs for the contractor.
Furthermore, any travel lane restrictions need to be thought out in advance. If an airport has an overhead
roadway for departures and a roadway for arrivals, the phasing needs to be coordinated so that the areas
of construction are secured on both roadways simultaneously.
Impact on emergency response procedures during the construction period should be considered and
adjustments made in consultation with the relevant agencies. For example, whether or not construction
could change the location of emergency muster points or interfere with the usual emergency response
vehicle access is a possible consideration.
The construction documents should contain as much existing information as possible, including a
security-during-construction strategy. While unforeseen conditions can occur at any existing facility,
selective demolition during the design phase will prove to be a more cost-saving measure than trying to
redesign elements after the contractor has mobilized. Any delay during construction has been reported to
cost 10 or more times what could have been saved with some prudent investigations earlier in the
process.
During the submission process, the owner and design team may need to be willing to accept slight
variations from the construction documents to accommodate vendor-specific products. For example,
most blast-tested window mullions are 2.5 inches wide and either 7.5 or 10.5 inches deep. However,
some vendors only use a 3-inch-wide mullion, which may be more cost-efficient and could be an
approved alternative. If the sight line is a requirement, the specification needs to be strict in the language
and should not include the approved equivalent alternative language.
Additionally, if there are any restrictions due to existing conditions that need to be included in the
drawings and specifications, they should be clearly stated. For example, it might be a requirement to
limit the reaction of a mullion to an existing concrete wall because the wall will not work under a higher
reaction. It is incumbent upon the blast engineer during design to verify that a product can be supplied to
meet the specification. Providing clear documentation ensures that vendors cannot provide a cheaper
alternative that might overstep the limitations of the existing conditions.
All security measures to be applied at an airport are determined by the need to do the following:
Many States have adopted this outcome-focused approach to their own national program—they are
requiring industry to conduct their own risk assessments, drawing on national threat and risk information
to determine the measures that are necessary to reduce the risks that they identify and that exceed their
own risk appetites. This is increasingly prevalent in relation to the landside security risk. But unlike the
typical response to past terrorist threats, e.g., liquids, aerosols, and gels, Appropriate Authorities have
not issued prescriptive regulation following the high-profile landside attacks such as Glasgow (2009),
Brussels (2016), Istanbul (2016), and Fort Lauderdale (2017). This risk-based approach is consistent
with ICAO’s intent.
While outcomes-focused, ICAO is not silent on the landside security risk with the following SARPs
directly relevant to landside:
Standard 3.1.5 Each Contracting State shall establish a national aviation security
committee or similar arrangements for the purpose of coordinating security activities
between the departments, agencies and other organizations of the State, airport and
aircraft operators, air traffic service providers and other entities concerned with or
responsible for the implementation of various aspects of the national civil aviation
security programme.
Standard 3.2.4 Each Contracting State shall ensure that airport design requirements,
including architectural and infrastructure-related requirements necessary for the
implementation of the security measures in the national civil aviation security
programme, are integrated into the design and construction of new facilities and
alterations to existing facilities at airports.
Standard 3.2.2 Each Contracting State shall ensure that an authority at each airport
serving civil aviation is responsible for coordinating the implementation of security
controls.
Standard 3.2.3 Each Contracting State shall ensure that an airport security
committee at each airport serving civil aviation is established to assist the authority
mentioned under 3.2.2 in its role of coordinating the implementation of security
controls and procedures as specified in the airport security programme.
Standard 4.8.1 Each Contracting State shall ensure that landside areas are identified.
Standard 4.8.2 Each Contracting State shall ensure that security measures are
established for landside areas to mitigate the risk of and to prevent possible acts of
unlawful interference in accordance with risk assessments carried out by the relevant
authorities or entities.
Standard 4.8.3 Each Contracting State shall ensure coordination of landside security
measures in accordance with Standards 3.1.5, 3.2.2 and 3.2.3 between relevant
departments, agencies, other organizations of the State, and other entities, and
identify appropriate responsibilities for landside security in its national civil aviation
security programme.
The United States became a Contracting State in 1944 and the Appropriate Authority is the TSA. The
United States has ratified the security-related SARPs through the following legislation:
Figure 3-1. Determining Risk Reduction Measures at the National and Operator Level
Compliance with the national civil aviation security program is assessed by the regulator. As States
increasingly move to outcomes-focused regimes (i.e., the risk-reduction measures are determined by the
operator based on their own risk assessment), the regulatory focus is likely to shift to (a) the quality of
the risk assessment and (b) the effectiveness of the applied risk-reduction measures.
In other words, States, via the Appropriate Authority, are expected to comply with Annex SARPs. It is
the Appropriate Authority that is audited by ICAO. The industry is not expected to comply with SARPs
but is expected to comply with the national aviation security framework. It will be the national aviation
security regulator, typically the Appropriate Authority, who will audit the industry.
Figure 3-2 illustrates the national aviation security framework and how the entities and key documents
relate to each other.
The individuals are typically employees or suppliers to the industry/operators. In order to implement the
necessary risk-reduction measure, the operators are reliant on those individuals to have the knowledge,
competence, and empowerment to act as appropriate to the policy and procedures set by the operator.
As described above, the international aviation security framework commences with a state becoming a
Contracting State by way of signing the Chicago Convention. It ratifies that Convention through the
This section is intended to help airports determine which blast mitigation measures are needed,
including physical, technological, operational, and other related mitigations such as architectural layout
and crowd management. The user should consider which measures are possible for implementation at
their airport. In Section 5, these possible measures are analyzed using a decision-making process to
determine the most effective strategy.
In addition to the measures within this section, the reader may want to consult other relevant publicly
available references that include information on blast-mitigation measures:
• PARAS 0004: Recommended Security Guidelines for Airport Planning, Design and
Construction
• ACI Landside Security Handbook, First Edition
• FEMA 427: Primer for Design of Commercial Buildings to Mitigate Terrorist Attacks
• Blast Effects on Buildings, Second Edition, by Cormie, et al.
This section outlines many of the blast-mitigation measures that can be employed. A holistic blast-
mitigation strategy is most effective when various types of mitigation measures are combined as shown
in Figure 4-1.
Physical
Measures
Holistic Architectural
Technological Blast- and Crowd
Measures Mitigation Management
Measures
Strategy
Operational
Measures
Physical measures generally take the most time to provide protection, as the design and construction
process may exceed the time required to hire additional operational staff, for example. Additionally,
although modifications can be made, they are also the least flexible type of measure in adapting to
changing threats. However, physical measures are capable of defending the asset and providing
protection as a last layer of defense in a security strategy. They also offer the most predictable
performance, not being subject to human error and not requiring active management to protect. What
might be surprising is that, although physical measures require a high initial investment, they require
little or no recurring expenditures over many years, resulting in average costs being the lowest of the
different types of measures.
On the opposite spectrum, operational measures are generally the quickest to implement, the most
flexible and the most adaptable. However, although operational measures provide some level of
deterrence, they do not provide a reliable defense on their own. They are highly dependent on the
effectiveness and response of particular individuals and are subject to human error. Also, providing an
additional security staffing position is relatively expensive.
Technological measures lie somewhere in the middle of the spectrum. In addition to the cost of the
technology and IT equipment, staffing is almost always required for active monitoring of systems. This
renders technological measures on average to be the most expensive of the three. However,
technological systems overall are the most effective in protection, able to offer deterrence, delay, and
detection capabilities with a relatively high degree of efficiency. Further, technological measures can be
implemented relatively quickly, especially if a robust IT structure is already in place. They are also able
to be implemented in almost any area of the airport and offer capabilities that can detect all types of
blast threats.
If designed-in, architectural measures such as roadway layout, terminal layout, thoughtful space
configuration, and pedestrian and queue planning require some design costs, but are relatively
inexpensive. Architectural design that incorporates principles of security can be effective in reducing
risks, but is typically not sufficient on its own.
The benefits of various measure types are summarized in Table 4-1, demonstrating that a holistic
approach incorporating all types of measures is necessary to meet protection needs and balance
implications. This matrix is just an overview to demonstrate the concept of a holistic strategy—many of
the categories are more complex than conveyed in this table.
Not
Can be
Impact on subject Ability Ability Ability Ability
Measure Low Quick to Easily
Passenger to to to to to
Type Cost Implement Modified
Experience human Deter Detect Disarm Defend
Later
error
Physical X X X X
Technological X X X X
Operational X X X X X X
Architecture X X X X X
Figure 4-2. Blast Shockwave Propagation through the Figure 4-3. An RC Panel Damaged by Spall
RC Member, Which Induces Spall
While spall refers to the loss of part of an RC member, the term “breach” signifies the complete loss of a
section thickness over a certain area, as illustrated in Figure 4-4. Breach of a section is usually observed
when an explosive charge is placed very close (PBIED or VBIED) or in direct contact (PBIED) with the
RC section.
There are a couple of strategies used to counteract spall and breach failure, depending on member type
(column or wall) and performance criteria. Typically, a steel plate installed on the back-side of an RC
wall will act as a fragment shield to prevent hazardous debris from injuring people or causing other
damage behind the wall as a result of spalling. It will also improve the wall’s performance, but may still
result in significant loss of concrete in the wall. The plate needs to be anchored sufficiently such that the
forces do not also propel the plate. A detail of an installed spall plate is presented in Figure 4-5.
Figure 4-4. Breached RC Panel Figure 4-5. Spall Plate Installed at the Back of an
RC Wall
Column steel jacketing is a structural enhancement used to strengthen RC columns. This type of
enhancement is especially used for columns susceptible to placed IED and vehicle attacks where
minimal standoff exists. Column steel jacketing involves full or partial-height wrapping of the column
with a steel plate. The steel jacket helps the column resist local shear failure due to a close-in charge, in
addition to increasing the column’s flexural and vertical load carrying capacities, as shown in Figure
4-6. This type of blast enhancement can be used for both new build and retrofit projects.
Source: Arup
Figure 4-7. Sections of the Base of a Steel-Encased Figure 4-8. 3-D View of a Steel Column
Column Encased in Reinforced Concrete
Source: Arup
Source: Arup
The above blast-mitigation enhancements are usually considered for an open web steel section. When a
column is represented by a non-open web steel section (i.e., rectangular, square, or circular-shaped
sections), it is more economical and practical to make holes in the section and pump high-strength grout
inside the column rather than encasing it in concrete. This method is similar to the steel jacketing system
described in the section above. As with the bottom concrete-encased column blast-mitigation measure,
this method can be applied to both new build and retrofitting projects.
Disproportionate collapse is a collapse that is greater in extent than an amount judged by some scale to
be proportionate to the cause. A collapse may be disproportionate without being progressive and
similarly may be progressive in nature but remain proportionate. Design against disproportionate
collapse generally involves making the structure robust. Structural robustness is a quality of a structural
system that enables it to sustain local damage without failing to any great degree.
There are several ways in which structural robustness can be designed into a building. Each country has
structural codes to achieve robustness, but to varying degrees. The typical design approach methods are
as follows:
Source: Arup
After designing out vulnerabilities as far as reasonably practicable, the vulnerability of the structure to
the remaining hazards must be undertaken on a case-by-case basis. This may involve one or more of
local blast or impact analysis, global analysis of the structural response, and/or element removal analysis
to protect against disproportionate collapse.
If the structure can be designed to withstand element loss, this makes the structural design essentially
insensitive to assumptions made about the size of the DBT, except where more than one column can be
lost in a single threat scenario. As such, it will always be preferable to design the structure for element
removal than using key element or specific local resistance methods. These should always be explored
first, but it must be recognized that for buildings with large spans, especially larger airport terminals,
developing specific local resistance can often be the only practical mechanism.
4.1.4.1 Glass
Monolithic glass consists of a single sheet of glass. This type of glazing configuration is not
recommended for blast-resistant facades, as during a blast event there is nothing stopping the glass
shards from flying into the occupied space and injuring the occupants. To prevent this from happening,
the following mitigation measures can be adopted:
Blast Pressure
Frame
Outer
Glass Lite
Structural Laminate
Silicone
Sealant Inner
Glass Lite
Source: Arup
Laminated glass is often used with structural silicone sealant (SSS). SSS is applied at the junction of the
glass and the frame to attach the two. If specified properly, the SSS can retain the glass in the frame and
allow the PVB to achieve its full capability, letting it stretch between the surrounding frames as shown
in Figure 4-10. The performance of a laminated glazing unit is highly dependent on the retention system
anchoring it to the framing members. This capacity also impacts the strength required for the frame and
support structures. Therefore, laminated glass should be selected only after careful consideration of
these factors.
Usually, the minimum interlayer thickness used for non-blast application or very low-level blast
application is 0.03-inch, while for a typical or higher-level blast application the minimum recommended
interlayer thickness is 0.06-inch. There are also manufacturing limitations depending on the pane
thickness, size, and glass type that should be coordinated with a glass manufacturer prior to specifying.
While a PVB interlayer between two or more glass sheets can provide excellent protection against blast
loads, different glass types can be specified and each comes with its own characteristics and physical
properties:
• Annealed glass is the most common type of architectural glass found in building facades and
internal glazing. Use of annealed glass in blast-resistant glazing is usually limited due to its
relatively low dynamic breaking strength of 11.6 ksi (kips per square inch; dynamic breaking
strength slightly varies between manufacturers and countries of production) and tendency to
break up into razor-like fragments. This irregular failure mechanism of the glass sheets may
cause a high level of hazard to the building’s occupants as the shards fly into the building (see
Figure 4-11.). Therefore, this glazing type is mostly reserved for external sacrificial layers,
where in the case of a blast threat the shards will only disperse on the outer side of the building.
Still, the use of annealed laminated glass does provide significant benefit over the use of
monolithic glass, regardless of type of glass.
• Heat-strengthened glass is essentially annealed glass that goes through a strengthening
procedure consisting of precompressing the outer skin through a reheating and cooling process.
This gives the glass a dynamic breaking strength of 17.4 ksi. Upon fracture, heat-strengthened
glass tends to break in larger shards and fragments compared to annealed glass, as shown in
Figure 4-11 and Figure 4-12. Fully tempered glass (or toughened glass) is annealed glass that has
been fast-heated and cooled several times. This procedure significantly increases the dynamic
breaking strength to about 26.0 ksi. Also, this treatment changes the failure pattern of the glass,
making it different from the annealed and heat-strengthened glass. Toughened glass tends to
break into small rock-sized, blunt-edged fragments, as shown in Figure 4-11. This specific brittle
failure mode of the glass has led to the reduction of specifying tempered/toughened glass over
heat-strengthened glass because the small rock-sized pieces reduce its ability to stick to the PVB.
However, for some locations, tempered glass requirements may govern for impact safety. In
these cases, use of laminated tempered glass still significantly reduces blast risk compared to
monolithic tempered glass.
It is important to consider other requirements and features such as thermal, impact, cleaning, and
sunshade integration on a case-by-case basis.
Figure 4-11. Different Glass-Breaking Mechanisms – Annealed, Heat-Strengthened, and Tempered Glass
Source: Arup
It should be noted that although it would create a hazardous condition, a strategy may be to allow
glazing failure in an effort to avoid a potentially catastrophic structural failure; this is a risk-based
decision that may be considered.
4.1.4.3 Framing
Framing elements are commonly represented by mullions and transoms, which are the vertical and
horizontal framing members, respectively. The primary function of the framing unit is to support and
allow the glass pane to fully develop its maximum resistance without any premature failure.
Framing used in non-blast applications does have some built-in resistance against minimal blast loads,
but it is usually not adequate to transfer the reaction forces from the glass pane due to its minimalistic
construction. For blast applications, several blast-mitigation measures can be adopted into the facade’s
framing. These measures only concern new builds and full replacement work. It is usually not
economical or practically feasible to modify pre-existing window frames, and would likely void any
manufacturer warranty. In such cases, it is recommended that the building’s facade be re-clad.
FRAME MATERIAL
Aluminum and steel are usually the two materials specified for framing elements that are part of a blast-
resistant facade, as they are ductile and therefore allow the member to go through a controlled large
plastic deformation without failing unexpectedly. In most cases, aluminum is the material of choice for
architects and facade designers, as it is lighter and cheaper than steel. Also, aluminum is highly
malleable, and complex extruded sections can be produced to increase the stiffness of the section while
keeping a relatively thin frame width and depth. Additionally, aluminum frames can be used in
conjunction with steel inserts, which can greatly increase the blast resistance of the section.
Additionally, some manufacturers that make aluminum window systems that may be used in typical
single-story buildings (but may be not for larger airport terminals) have blast-tested some of their
products. These manufacturers are knowledgeable regarding performance of their tested systems
compared to the tested DBT scenarios, but will request a blast engineer/consultant to determine
applicability to other scenarios. Most of these blast-tested systems, particularly those of US
manufacturers, are tested for blast loads applicable to US Government blast criteria, such as those from
the Department of Defense, the Department of Veterans Affairs, or the General Services Administration.
For airport applications, these tested manufacturer systems may be limited to single or two-story
spanning facades, which are only required to meet a relatively low level of protection. For check-in hall
facades at large international airports with complex designs, full-scale blast testing and/or engineering
analysis should be incorporated in order to demonstrate that the blast requirements are met.
From a blast perspective, steel is the preferred choice when the blast loads are relatively large. Steel
support systems are typically required for large curtain walls to support conventional loading like
gravity and wind. This may either be a structural backup to an aluminum-framed system or a customized
steel support system directly behind the glass. Conventionally designed steel-framed facades, although
robust, are likely to require additional enhancements to meet a blast requirement, such as deeper section
dimensions, thicker web members, or additional connection capacity.
4-12. They may also be shaped as channels or other shapes that fit into the particular mullion extrusion.
During a blast event, the steel insert works in combination with the surrounding aluminum section to
increase the resistance of the overall section. The main advantage of combining steel inserts with an
outer aluminum section is that it is possible to achieve a relatively strong section while keeping the
overall width of the frame section slim. This approach aligns with most architectural requirements set by
architects and facade designers. However, designers should coordinate early with blast engineers as
sometimes cabling or utilities are preferred to be run through mullions, which might not be possible if
this method of steel support is used.
Figure 4-13. Framing Box Section (Unitized) Figure 4-14. Framing Split-Section with a Blast Clip
Source: Arup
Table 4-2 generalizes various level of blast protection that can be provided by a facade, using
approximate levels of protection.
Level of
Glazing Framing
Protection
The principles behind HVM are well explained in several sources including Federal Emergency
Management Agency (FEMA) 426 and the United Kingdom (UK) Centre for the Protection of National
Infrastructure (CPNI) Hostile Vehicle Mitigation Guide. Additionally, testing standards for impact-
tested vehicle security barriers are well established with ASTM F2656 (predominately US standards),
Publicly Available Specification (PAS) 68 (predominately UK standards), and International Workshop
Agreement (IWA) 14-1 (various places around the world). It should be noted that a well thought-out
HVM strategy encompasses other aspects of design aside from barriers, such as roadway layout, speed
limitation measures, etc.
The different variations for vehicle size and speed are shown in Table 4-4. The vehicle size is typically
determined at the beginning of the project based on the risk assessment and design criteria. The speed of
each condition can be calculated during the design process by a blast or security engineer. A commonly
specified vehicle size and speed for high-risk locations is the M50 (Medium-Duty Truck at 50 mph);
however, this speed may be high for most terminal areas. Purposeful specification of the design vehicle
should be made during the risk assessment in order to support effective allocation of resources. Very
few manufacturers have tests for the heavy goods vehicle or the small passenger car as they are very
rarely specified. If specified, manufacturers may want to provide a higher protection level due to greater
availability of those products.
Nominal Minimum
Condition
Test Vehicle Weight lbs (kg) Velocity mph
Designation
(km/h)
40 (65) C40
Small Passenger
2,430 (1,100) 50 (80) C50
Car (C)
60 (100) C60
65 (45) PU40
Pickup Truck
2,430 (1,100) 80 (50) PU50
(PU)
100 (60) PU60
30 (50) M30
Medium-Duty
15,000 (6,800) 40 (65) M40
Truck (M)
50 (80) M50
30 (50) H30
Heavy Goods
65,000 (29,500) 40 (65) H40
Vehicle (H)
50 (80) H50
STEEL BOLLARDS
Steel bollards are probably the most versatile of the passive barriers; they can be arranged to allow for
pedestrian movement, covers can be added to make them architecturally pleasing to match the
surrounding facility, and they can be operable (raised/lowered). The challenge is that many types need
deep foundations, which are not always achievable in existing facilities due to structural or utility
limitations. There are some manufacturers with more versatile shallow-bollard foundations, but the costs
of these products are high and the footprint plan increases 300% from that of a deep foundation. Despite
these negative factors, shallow-mount bollards are often procured anyway in order to avoid invasive
construction; most shallow-mount systems can be installed very quickly.
At roadway entrances that require access for maintenance vehicles or other authorized vehicles,
hydraulic or electric operable/retractable bollards can be used.
It should be noted that a continuous slew of bollards along a long terminal’s drop-off and pick-up zones
does not necessarily represent a well thought-out HVM strategy; security engineers and architects
should work together to avoid this and encourage architecturally pleasing barrier solutions, which may
be supplemented by other HVM strategies such as architectural layout, technology systems, or
operations. Studies by CPNI have recommended to move the line of bollards outwards from any exits (at
least 3 m away) so that crowds have time to diffuse before having to move around the bollards.
JERSEY BARRIERS
Jersey barriers can be deployed quickly and easily with little construction time. Jersey barriers do not
provide an ASTM security rating and are not considered to be architecturally pleasing. However, they
do provide a baseline level of protection and are visual deterrents. These may be useful to deploy at
times of elevated threat, or as temporary solutions where a vulnerability has been identified but time is
required before procurement of a larger project can be undertaken.
Figure 4-17. Jersey Barriers
WEDGE BARRIERS
Wedge barriers are operable and provide the maximum perimeter protection with a low-profile barrier.
The wedges are within the roadway, so they can present challenges in some weather conditions if not
maintained properly. Different systems have various foundation requirements. The shallow systems are
very extensive in horizontal area, while the deep systems do not affect the surrounding pavement. There
are also surface-mounted systems if needed for a high-profile event or on a temporary basis. Wedge
barriers are best suited at discrete locations such as an access control point to a loading dock or an
authorized taxi/shuttle bus entrance, if throughput times can be accommodated.
DROP ARMS
Drop-arm-style barriers can be the least invasive on the roadway as their foundations are typically the
smallest. However, they take up the most real estate above ground and can be challenging to use across
multiple roadways. At airports, these are best utilized at staff parking, entrances to service yards, or
other areas where authorization is required for entrance.
Figure 4-20. Drop Arms
Source: bmk Engineering design and construction project: Gribble Gate, Alexandria, VA
often contain legacy infrastructure that cannot be easily replaced without great financial cost or effort.
Such infrastructure may include the following:
• Elevated roadways and drop-off zones in close proximity to the terminal building.
• Structures and facades designed some time ago that incorporate older standards and have little
blast resilience.
• Existing/outdated CCTV systems and cabling.
• Terminal layouts that promote crowding at areas such as check-in, drop-off, and security
screening.
• Data centers and other functions critical to the airport’s operations.
Traditional blast-mitigation strategies for retrofit, in particular physical enhancements, come at a
financial cost and effort that is disproportionate to the risk, often stalling an airport’s plans to invest in
landside security. For that reason, an existing airport may have a blast-mitigation strategy with emphasis
on operational measures, which can be easily deployed across landside areas. However, operational
measures also come with substantial recurring costs and do not directly reduce the effects from a blast
itself.
In regard to retrofit of physical measures, depending on the blast DBTs and performance criteria, costs
and implications of retrofitting structures may become expensive and onerous to implement. However,
the risk reduction may be necessary to pursue. There are many retrofitting techniques that can be
employed, but given the nature of a retrofit, all will need to be customized to the unique conditions of
each airport and its particular risk-reduction needs. For most cases, a blast engineer will be needed to
help identify the most effective and feasible measures.
Figure 4-21. Two-Side Supported Slab Figure 4-22. Four-Side Supported Slab
(One-Way Spanning) (Two-Way Spanning)
Span length reduction: Span length reduction can increase the stiffness of the member, effectively
increasing the load-carrying capacity. Significant attention should be paid to the end reactions of the
shortened members, as they may exceed the capacity of the supporting members.
In addition to the above-described techniques, careful consideration should be placed on strengthening
the existing structural components’ connections. Table 4-5 presents a selection of structural retrofitting
methods that can be adopted to increase the blast resilience of an existing structure.
Table 4-5. Example Structural Retrofitting Techniques
Most Applicable
Structural System Structural Modification
DBT
Most Applicable
Structural System Structural Modification
DBT
When retrofitting of an existing building is considered, it is crucial that the advice and expertise from a
security/blast consultant and structural engineer is sought. Retrofits may impact the global response of
the building or have cascading consequences to other disciplines under conventional loading scenarios
such as gravity and wind.
It should also be noted that if existing glass is laminated, the application of ASF would not be an
effective use of resources, as the laminated glass accomplishes a similar result as the anti-shatter film.
For existing airports, the following measures may be implemented as part of an HVM strategy that
encompasses physical, technological, and operational measures:
1. Reduce speed limits
2. Increase curb height
3. Provide signage or physical height restrictions on roadways
4. Install landscaping or roadway impediments to slow vehicles
5. Disperse (i.e., separate and/or additional) drop-off and pick-up zones to reduce crowds and thus
reduce the vulnerability of any one area
6. Relocate drop-off and pick-up zones to less vulnerable areas
7. Implement video analytics to help detect illegally parked vehicles, stolen or unregistered cars,
etc. (refer to Section 4.2)
8. Provide physical barriers (i.e., bollards, planters, or drop-arms) to prevent vehicles from entering
the terminal building, bus plaza, or other identified vulnerable area
9. Screen vehicles prior to entering the terminal areas using a vehicle checkpoint
10. Reconfigure traffic lanes for authorized vehicles to be nearest the terminal or other vulnerable
areas, and unauthorized vehicles to be furthest away
Enhancement Cost
Description ROM Cost Estimate
Type Premium
New Facade
Glass: IGU Outer: 3/8” (TT)/Inner 1/4” Glass: $45.00/ft2
Unenhanced* (HS)+0.03PVB+1/4” (HS) Framing: $30.00/ft2 Baseline
Mullion: 10x4x0.125” Aluminum extrusion Installation: $9.15/ft2
Glass: $33.00/ft2
Enhanced Framing: $77.00/ft2
Generic and proprietary 4 psi/28 psi-ms facade 1.4x
Option 1* Installation:
$10.30/ft2
Glass: IGU Outer: 3/8” (TT)/Inner 1/4” Glass: $65.00/ft2
Enhanced (HS)+0.06PVB+1/4” (HS) Framing: $89.00ft2
2.0x
Option 2* Mullion: 10x6x3/16” Aluminum extrusion + 9.5x1/2” Installation:
Steel stiffening Inserts $10.30/ft2
Glass: $51.00/ft2
Glass: IGU Outer: 3/8” (TT)/Inner 1/4”
Enhanced (HS)+0.06PVB+1/4” (HS) Framing: $132.00/ft2
2.3x
Option 3* Installation:
Mullion: HSS 12x4x1/4”
$11.30/ft2
Glass: IGU Outer: 1/4” (HS)+0.06PVB+1/4” (HS) Glass: $100.00/ft2
Enhanced Inner: 1/4” (HS)+0.06PVB+1/4” (HS)+0.06PVB+1/4” Framing: $197.00/ft2
3.7x
Option 4* (HS) Installation:
Mullion: HSS 16x8x1/2” $12.30/ft2
Existing Facade
Enhanced
ASF (Daylight Application) $4/ft2 Baseline
Option A
Enhanced
ASF (SSS Attachment) $5/ft2 1.3x
Option B1
Enhanced
ASF (Mechanical Attachment) $14/ft2 3.5x
Option B2
Enhanced ASF (Daylight Application) with Cable Catchment
$33/ft2 8.3x
Option C System
Columns
Unenhanced Materials and install:
Steel column: W12x106 Baseline
Option 1* $4,500/column
Enhanced Steel Column: W12 x 106 + 1” stiffener plates to Box Materials and install:
1.1x
Option 1A* section at column base + Grout-filled at column base $5000/column
Enhanced Steel Column: W12 x 106 + 20” Square Concrete Materials and install:
1.2x
Option 1B* encasement $5400/column
Unenhanced Concrete Column: 3’ Diameter + #4 hoops at 12” on Materials and install:
Baseline
Option 2* center + 16 x #10 longitudinal bars $1400/column
Enhanced Concrete Column: 3’ Diameter + #6 hoops at 6” on Materials and install:
1.7x
Option 2A* center + 16 x #10 longitudinal bars $2416/column
Enhancement Cost
Description ROM Cost Estimate
Type Premium
Enhancement Cost
Description ROM Cost Estimate
Type Premium
Steel Bollards
Unenhanced Steel bollard, not rated $112/ft Baseline
Enhanced
Steel bollard, PU50-P1 rating* $3,129/ft 28x
Option 1
Enhanced
Steel bollard, M30-P1 rating $1,685/ft 15x
Option 2
Enhanced
Steel bollard, M40-P1 rating* $2,677/ft 24x
Option 3
Enhanced
Steel bollard, M50-P1 rating $2,167/ft 19x
Option 4
Enhancement Cost
Description ROM Cost Estimate
Type Premium
Concrete Barriers
Enhanced
Raised Curb, not rated $14/ft -
Option 1
Enhanced
Jersey Barrier, not rated $117/ft -
Option 2A
Enhanced
Concrete Bench, not rated $191/ft -
Option 2B
Enhanced
Concrete Planter, not rated $238/ft -
Option 2C
Other HVM
Enhanced
Speed Humps, not rated $5,000/hump -
Option 1A
Enhanced
Height Restriction Bar over Road, not rated $7,006/barrier -
Option 1B
Enhanced
Gate Barrier, M50-P1 rating $28,000/barrier -
Option 2A
Enhanced
Wedge Barrier, M50-P1 rating $54,000/barrier -
Option 2B
Table 4-8 Notes: *Costs are unexpectedly high due to the limited availability of barriers tested and manufactured
to these ratings.
bring up the live video feed on a security guard’s workstation and/or mobile phone, sound a local alarm,
and turn on nearby lighting. This saves the employee from the mental fatigue associated with having to
stare at numerous camera feeds for many hours at a time.
The maturation of this field means that a system can identify possible problems before they happen
rather than just forensically determining what happened afterwards. Below are a few common video
surveillance analytics that can be used to help reduce the likelihood of a blast event; a more detailed list
can be found in Appendix A.
keeping. The fact that this technology can be adjusted based on the site’s threat and risk assessment
means that they can be adjusted as needed; for an airport, these devices can be set to a threshold that
only detects large firearms and explosives at the airside entrance to increase speed at those locations,
knowing that a more thorough check will be performed at the TSA checkpoints into the sterile area.
Source: Arup
CCTV
Unenhanced:
$14,700/camera Baseline
CCTV
Enhanced Option 1:
$16,600/camera 1.1x
CCTV with Analytics
Enhanced Option 2:
$25,300/camera 1.7x
CCTV with LiDAR Analytics
Vehicle Screening
Enhanced Option 1:
$19,300/camera Baseline
ALPR
Enhanced Option 2:
$26,400/scanner 1.4x
UVVS
Explosives Detection
Enhanced Option 1:
$211,200/scanner Baseline
TSA mm-wave Body Scanner
Enhanced Option 2:
$256,200/scanner 1.2x
High throughput mm-wave Detection
• Patrols
• Explosives detection canines (EDC)
• Known vehicle regimes
• Vehicle checkpoints
• Advanced communication techniques
• Security management systems (SeMS)
Operational measures are critical to disabling and disarming the threat, which is something that neither
physical, technological, nor architectural measures can achieve. Therefore, to achieve a holistic security
strategy, operational measures should be included to cover this protection need. This principle is
reinforced in Section 5, whereby various measure types are combined to achieve a spread of protective
capabilities.
Operational Requirements
• Site requiring protection
• Stakeholders
• Critical assets
• Threat and vulnerabilities
• Impact on site
• Proposed strategic security strategy
• Concept of operations
• Organizational constraints
• Implementation and integration
• Critical dependencies
• Costs and benefits
The above criteria will aid the airport operator in determining which operational security measure to
implement based on the security function that is required to mitigate a particular threat scenario.
4.3.2.1 Patrols
The main security function of patrols is detecting suspicious activity, but they may also serve as a
deterrent to security risks through the active deployment of airport security officers with high visibility
jackets. Further, unpredictable or random patrolling is also effective in reducing advantages potential
threat actors may have tried to gain through reconnaissance efforts to predict the best times to go
unnoticed. Patrolling involves surveillance of sites to monitor the following:
Table 4-10 provides the two methods of security screening practiced by EDCs, with the FREDC method
being most applicable to the landside.
While EDCs act as an effective detection measure, airport operators tend to procure EDC programs from
external providers as the costs of such programs are extensive, amounting to $35,000 USD for the EDC
and its training and $6,000 USD per annum for welfare costs. As EDCs can only be deployed for a
limited period of time without rest, and due to the high costs associated with this measure, a Silver level
of EDC service may be appropriate (see Section 5.3.3), where dogs are deployed sparsely within the
airport terminal, bus station, metro station, and other vulnerable areas to conduct random patrols.
Furthermore, the framework (see Section 5) provides a high scoring for combining EDCs with patrols,
which stems from the fact that patrolling personnel handling EDCs can act as a key deterrence measure.
EDCs give an alarm, in the form of a passive response, when they detect explosive materials, and in
order to fully resolve an alarm, a patrol officer may need to question a passenger about what they are
carrying.
While passenger vehicles are not permitted to enter these areas, the only measure used by some airports
to restrict access is signage. However, if a threat actor is planning a vehicle-based explosive attack,
traffic management rules like signage will not be followed. There are some operational measures used
by airports to mitigate this threat scenario to these types of landside areas, and to maintain airport-
supporting operations. For example, particular roads around Stansted Airport in the UK that are used for
the operations listed above are given a “controlled landside road” status, meaning that although it is not
airside or a security restricted road, limitations are placed on its use through vehicle access control
points (VACP) on each side of the road.
Instead of staffing the VACP, automatic license plate recognition (ALPR) can be implemented, which
uses video surveillance systems to screen the registration plates of all vehicles entering or leaving the
controlled landside road. This technology will only recognize license plates of vehicles used for airport
operations that require access to the roads. The implementation of ALPR by itself will only meet the
detection function and may not mitigate the deliberate breach of traffic management rules. Therefore,
ALPR should be used in combination with physical measures such as rated barriers that allow access
following approval from the ALPR.
Although ALPR can be easily implemented at existing airports, the use of a known vehicle regime is
more effective when introduced early in airport development. This is because sufficient space must be
allocated to install the VACP comprised of physical measures and an ALPR system. Furthermore, while
this system can detect and permit access to known vehicles only, the risk of an insider threat is not ruled
out. Although implementing this known vehicle regime early in airport development can ensure a
sufficient standoff distance is maintained between entry point for vehicles and any airport assets that
may be in close proximity to the VACP (therefore eliminating the risk of a blast affecting nearby assets),
it cannot validate capability and intent of an insider vehicle (i.e., a vehicle may be legitimate in the sense
that it is known but may still have an intent to cause damage, such as a VBIED).
UVSS
Static Mobile
ALPR
Public knowledge of this degree of security implemented at Ben Gurion Airport serves as an effective
deterrent that discourages hostiles from targeting the airport. Although this measure is expensive to
operate and capital-intensive, it is highly effective in preventing loss of life, as the last notable incident
at the airport was in 1979, when an aircraft hijack was attempted. This measure is appropriate to Ben
Gurion as it is the only international airport serving Israel, allowing the country to focus all its effort and
expertise on this one facility.
PASSIVE COMMUNICATION TECHNIQUES
Less intrusive measures include passive communication techniques, which act as an extremely low-cost
deterrent that sends a subliminal message about the (high) level of security at an airport. Measures used
tend to be a part of a wider vigilance campaign that includes all airport staff playing their part in
maintaining an effective security culture. Vigilance posters such as those below can be put up in visible
places around the terminal to discourage any potential threat actors from carrying out reconnaissance.
Source: This guidance/poster was created by the UK’s Centre for the Protection of National Infrastructure
(CPNI) and is subject to Crown Copyright. It is used with the permission of CPNI for our internal purposes.
Permission for any wider use should be obtained from CPNI.
Other staff-driven initiatives include carrying wallet cards that feature security/law enforcement
numbers that are visible on their person and are carried around with them when they are on and off site.
Also, handing out leaflets with security messages and placing them in passenger areas will serve to
reinforce the perception that staff are highly observant and vigilant.
Source: Arup
The above procedures have been facilitated through the introduction of various technologies such as
online check-in and self-bag drop. Airports can contribute significantly to changing how passengers
travel by introducing incentives aimed at airlines and passengers. This may include revised procedures
for airlines in which certain airport charges are reduced if the airline can ensure that most passengers do
not travel with hold baggage. This would reduce crowding at check-in areas, facilitating passengers to
move airside as soon as they arrive at the airport. However, reducing queues from the ticketing area
does not necessarily eliminate all queues, especially if not managed properly. Management of crowds
and passenger flows are discussed further within Section 4.4.
Changing passenger habits requires a coordinated approach between all stakeholders such as airlines,
airports, and travel agencies. As these measures are customer service-driven, they do not guarantee that
security outcomes will be achieved. Furthermore, this type of measure will only reduce the loss-of-life
risk as opposed to protecting airport infrastructure.
The security measures implemented at an airport will be informed by the SeMS. This is because the
SeMS serves as a tool for systematically incorporating security risk management into an airport’s day-
to-day operations. For an SeMS to be effective, it must be based on a continuous cycle that includes a
threat and vulnerability assessment; the identification, capture, and analysis of risk; and the generation
and continuous review of risk mitigation plans and the effectiveness of risk-reduction measures (refer to
PARAS 0009 for additional guidance).
$1,090,300
Vehicle checkpoint staffing
(10) 8-hr shifts, i.e., 2 staff per checkpoint, 24-hour coverage
$597,300
Behavioral detection officers
(5) 8-hr shifts, i.e., one person on-duty, 24-hour coverage
$554,900
Airline check-in counter staffing
(5) 8-hr shifts, i.e., one person on-duty, 24-hour coverage
$2,147,600
TSA screening checkpoint staffing
(15) 8-hr shifts, i.e., 3 staff per checkpoint, 24-hour coverage
$530,100
Law enforcement patrols
(5) 8-hr shifts, i.e., one person on-duty, 24-hour coverage
$364,500
Private security patrols (unarmed)
(5) 8-hr shifts, i.e., one person on-duty, 24-hour coverage
$530,100
SOC staffing
(5) 8-hr shifts, i.e., one person on-duty, 24-hour coverage
Security Checkpoint
<5 5–10 >10 0 0–3 >3
(queue width 1.2m)
Emigration (Passport 3 4 5 1 1.3 1.7
Control)
(queue width 1.2m) <5 5–10 >10 0 0–3 >3
For a given airport condition, pedestrian modeling combined with injury evaluation can be undertaken to
determine the volume of passengers that may be vulnerable to a blast event. For example, due to effects
of a blast wave itself (ignoring fragmentation), radii of casualties measured from the detonation point
would be expected as shown in Table 4-15 and Figure 4-33 below. These calculations are based on UFC
3-340-02, but are only approximations, as injury is highly dependent on the explosive, the environment
in which it detonates, and the body type. When overlaid on a pedestrian model, the reduction in
vulnerability that occurs in a crowd-dispersed area is evident.
Table 4-15. Example Radii of Casualties due to Blast Wave for Typical PBIEDs
Global air traffic volumes are projected to double in the next 15 years (Airbus 2017). To meet the
increasing demand, airports and airlines are continuously adapting their facilities and introducing
innovative ways to process passengers. For some airports, it is simply a matter of providing more
counters or security lanes for processing passengers; for airports where space is limited, they must adopt
innovative and more efficient ways to process passengers.
A study carried out by DKMA concluded that by improving passenger experiences, passengers would
spend 10% more time at the airport, would be twice as likely to shop, and would spend 7% more on
duty-paid and 20% more on duty-free products.
4.4.1.2 Recommendations
The positive airport passenger experience is challenged by the security screening checkpoint, which is
usually rated as the most stressful part of the airport experience. In addition to screening passengers, a
secondary intention of the security screening process is to get people into the airside area as soon as
possible. The advantages of this are twofold: faster access to retail areas that generate airport revenue,
and the airside area is more secure than the landside areas of an airport. This can be achieved by
discouraging people from lingering in higher risk areas, such as the landside retail areas and creating
desire and incentives for people to move into the secured area.
Better passenger experience in the checkpoints can reduce levels of stress, which in turn can contribute
to passengers’ willingness to spend more money in retail areas, thereby generating higher non-
aeronautical revenues. In another study, ICF calculated that by increasing passenger dwell times in
airside areas by 10 minutes, the airport’s revenues would increase by 12%. This dwell time can be
increased in different ways; those relevant to this project are faster check-in and security screening
processes.
The potential for crowd mitigation to potentially improve customer service and increase airport
revenue is a key differentiator from traditional blast-mitigation strategies. It is recommended that
crowd mitigation techniques be incorporated to reduce blast risks as part of an airport’s holistic security
strategy. This includes decreasing queues, dispersing pick-up points, and re-working layouts for meet-
and-greet areas.
In summary, ASL can help, but to get significant reductions in passenger accumulation, the
maximum wait time target must be lowered.
6000
5000
Passengers per Hour
4000
3000
2000
1000
0
00:00 02:00 04:00 06:00 08:00 10:00 12:00 14:00 16:00 18:00 20:00 22:00 00:00
7000
6000
Passengers per Hour
5000
4000
3000
2000
1000
0
00:00 02:00 04:00 06:00 08:00 10:00 12:00 14:00 16:00 18:00 20:00 22:00 00:00
• The airport predominantly serves its local population. The large percentage of Originating and
Terminating passengers shows that most passengers at this airport either began or ended their trip
at this airport. The other type of airport is a transfer hub airport, which serves mostly connecting
passengers. Atlanta’s Hartsfield-Jackson International airport is an example of a transfer hub
airport. An airport with more originating/terminating passengers will expect more landside and
non-secure traffic than a transfer hub airport of the same size.
• The main departure peak hour is in the morning. Many domestic US airports have a high
departure peak in the morning. Each morning, most airlines aim to have their flights take off as
soon as the flight crew is ready to fly, in order to achieve a high utilization ratio of their aircraft.
This results in a “rush hour” in the morning that lasts 1–2 hours. The morning departure peak at
this airport lasts over 3 hours. This may be an indication of a constrained operation, as there may
not be enough runway or aircraft stand capacity to accommodate the morning peak, pushing
departures into the late morning.
• There is a small arrival surge in the early morning, and this peak is mostly connecting
passengers. As such, the airport needs to be staffed to handle this traffic. If the arrivals are
international flights, transfer security and immigration need to be staffed to accommodate this
surge in the morning.
• There is a small departure surge late at night, indicating departures of overnight red-eye flights.
In the US, airports on the west coast tend to have a higher late-night departure peak, as they have
many red-eye departure flights heading to the east coast.
In a simulation model, the demand level of the planning day can be studied closely. Nuances in the
passenger demand and facility plans can be scrutinized to determine potential shortfalls in the facility.
Passenger crowd levels can be monitored in the simulation model, and the resulting level of service of
the facility can be predicted with sufficient time to adjust the plans and designs.
The planning day is often not the same as the busiest day of the year. Instead, the planning day
represents a typical busy day at the airport. Depending on the airport, the planning day may be the 95th
percentile in daily traffic, or it may be the day with the 30th busiest hour of the year. Airport planners
often use the planning day to design airport facilities, and accept a lower level of service during the
busiest days of the year (Thanksgiving, Christmas, and New Year’s Day). In these cases, passenger
simulation modeling becomes especially useful in predicting how the facility will perform and the
amount of crowding that will occur in various parts of the airport.
This leaves airports with greater vulnerability to attack on the busiest days, such as holidays. Airports
should offset this vulnerability by managing risks through other measures such as operations. This is one
of the key principles of the framework (explained in Section 5).
strategy whereby operations and technological measures are put in place to address predicted times of
heightened crowding.
• Roadway layout
o Design roadways with curves to limit the maximum speed that could be achieved by an
attacker.
o Separate roadways for the public and staff, as well as roadways for authorized vehicles
that need to access the loading dock. This way, appropriate access control measures can
be incorporated for different types of use.
• Do not locate critical utilities in landside areas vulnerable to explosive attacks, or otherwise
provide redundant systems. The minimum standoff distance from utilities to vulnerable areas
should be based on the specific DBTs for a particular airport, and the impacts to the construction
of that airport. Specifying a one-size-fits-all standoff distance could not ensure a specific
performance objective is achieved. There is guidance in government-based criteria, but this
guidance is based on the DBTs identified by those government agencies as risks to their
particular facility types.
• For a new build, the loading dock should ideally be isolated from the terminal building or
otherwise located to minimize impacts of an explosive incident on airport operations.
o However, in many cases of existing buildings or airports with space constraints, there are
many security measures that can be implemented (e.g., access control, vehicle screening,
visual inspections, etc.) to reduce risk such that it is possible for loading docks to be
located closer to or near critical assets. The framework process in Section 5 can help
identify measures for the loading dock, which may result in enough risk reduction that
location of the loading dock becomes less critical.
o It is typically good practice to include a frangible (i.e., allowed to fail) exterior wall on
the loading dock such that blast loads can dissipate rather than build up. This may not be
necessary if the DBTs identified for the airport in consideration are small enough, or the
construction of that particular loading dock can tolerate the blast loading.
• Terminal planning and layout, as they relate to crowd dispersal and management: greeter, check-
in, and baggage claim areas can be configured using pedestrian modeling to reduce choke points
where crowds or queues could be funneled.
Small picture considerations include:
• Ductile construction materials (i.e., metals instead of unreinforced masonry, laminated glass
instead of monolithic for interior glass partitions and handrails, etc.) can be used.
• Critical structural elements can be protected by wrapping them with architectural cladding or
furring to increase standoff against a PBIED (even a few inches provides benefit).
• Trash cans or other features that could conceal PBIED explosive devices should be located away
from critical structural elements.
• Furniture in non-secure areas should be selected and placed to allow for clear vision and
unobstructed lines of sight for patrols and CCTV to more easily detect suspicious objects. Design
measures to mitigate other security concerns such as active shooter incidents may have
conflicting requirements whereby locations for cover are needed; therefore, the risks of different
incidents should be compared and managed on a case-by-case basis.
• Landscaping that reduces the risk of both VBIED and PBIED incidents can be incorporated.
Landscaping should be integrated with the HVM strategy.
Refer to PARAS 0004 for additional considerations in terms of airport design for security purposes.
for the baseline operational strategies (e.g., adding more EDC patrols to move from Silver to Gold) or
the introduction of new operational strategies that are not incorporated into the baseline level of
operations (e.g., adding behavior detection officers, or adding vehicle screening checkpoints).
To mitigate risks of a blast threat on an immediate or imminent basis, the following strategies can be
considered in the airport’s elevated threat plan, or contingency plan:
For VBIED:
SECTION 5: IMPLEMENTATION
This section examines the feasibility of the measures discussed in Section 4 and facilitates the
development of a blast-risk-reduction strategy consisting of a combination of blast-mitigation measures.
The following sections present a framework process to assist airports in evaluating these considerations.
Airports should follow the decision-making process outlined in Sections 5.2 through 5.5 to determine
which measures to implement and where. An Excel-based tool and corresponding instructions for
carrying out the framework accompany this guidebook. Furthermore, two case studies are presented
within Appendix B.
Once an implementation strategy is realized, the risk-reduction value can be observed. This will consider
both how much the strategy reduces the risk(s) and what the non-risk-related implications of measures
might be. Implications may include whole of life costs, disruption required to implement, time to realize
value, operational and infrastructure changes required to implement the measures, and impact on priority
business objectives like passenger experience and architectural objectives.
The framework is intended to be used following a robust security risk assessment process. It does
not provide a method to identify risks, but attempts to methodically break down the risks and
vulnerabilities identified and couple them with optimum mitigation measures.
• How much does each measure, or combination of measures, buy down the risk? (i.e., what is its
return on investment?) It may be that one measure reduces the risk more than others but the
reduction is far beyond what is necessary.
• Consider whole-of-life costs as well as the cost of other security resources/measures required to
realize this measure’s risk-mitigation value; e.g., active vehicle barriers will require operational
resources such as a static guard or electronic access control passes to operate the barrier.
• Subject to the airport’s financial management arrangements, funding may be sourced differently
based on the type of measure, e.g., capital expenditure versus operating expenditure or grant
versus self-funded. Additionally, and again subject to the airport’s financial arrangements, the
time at which the measure is needed versus the time within the financial year may be an
influencing consideration.
• Time to realize the measure’s risk mitigation value—in some cases, the implementation time is
not feasible relative to the current need. For example, installing blast film on a facade may take
up to six months (including procurement process), whereas the establishment of a standoff zone
could take less than four hours.
• Impact on other business objectives, e.g., architecture, passenger experience, airport image, and
non-aeronautical revenue.
• Impact on regulatory requirements, e.g., fire safety, health, and safety.
• Indirect benefits, e.g., improved wayfinding, pedestrian safety, reduced accidental incursion, and
architecture.
• Relative ease or “hassle factor” to implement, e.g., rerouting of traffic, use of scaffolding, after-
hours work, or incorporation into another project scope to enable works required.
• How available is the resource? Can the measure be achieved in-house or is external resourcing
required?
The value or weighting of each of these considerations will be different for each airport and most likely
in each circumstance. The framework is a process for decision-making that can be customized. This
guidebook makes assumptions about the inputs in order to demonstrate the process. These or other
factors can be customized into the framework process for a more unique assessment.
• Life safety
• Commerce
• Operations
Ultimately, these vulnerability classifications for various areas will be used to identify mitigation
measures that have strengths for reducing a particular vulnerability type.
• Number of people
• Concentration of people
• Predictability with which the crowded places occur
• Exposure of the crowd to potential PBIED or VBIED effects
5.2.2 Commerce
Airports are inherently businesses; the ability of mitigations to reduce the commercial impact on the
airport’s business is important in enhancing the resilience of the airport’s business. The commercial
vulnerability of an area is assessed on the basis of the following:
• Proximity to areas that generate airport revenue such as a parking garage, tenancies, shops, etc.
• Proximity of areas that contain or house infrastructure or equipment
• Reputational loss
• Financial replacement cost
5.2.3 Operations
While in some ways tied to the commercial aspect of an airport, the airport’s ability to restore its
operational function is a key objective following a blast event. Evacuation, rescreening, airport shut
downs, and flight delays have large economic consequences for the airport, airlines, passengers, and the
region. With regards to operations, the vulnerability is assessed on the basis of the following:
Table 5-1 demonstrates default vulnerability weightings for a number of landside areas of a theoretical
airport. These vulnerability weightings are used in the framework (Step 2) to identify mitigation
measures that have strengths in mitigating against certain vulnerabilities.
The vulnerability weighting of the arrival and departure halls and fuel farm have been graphically shown
within Figure 5-2.
Figure 5-2. Example Vulnerability Assessment, Arrival and Departures Hall (left); Fuel Farm (right)
In addition to the landside areas shown in Figure 5-3, the following areas may be considered in the
airport’s risk assessment process:
• Emergency electrical or mechanical areas, e.g., generator or switchgear and cooling systems for
server rooms that support critical electrical systems
• Rental car facility
• Loading dock
• List: Cataloging a “shopping list” of security measures available to reduce the likelihood or
consequence of a blast attack at each vulnerable area.
• Classify: Classification of the listed measures under the previously defined vulnerability
categories: life safety, commerce, and operations.
• Score: Evaluation of existing-measure performance tiers and desired level of new-measure
performance tiers (if applicable).
5.3.1 List
Compile a list of measures applicable to each vulnerable area that ideally includes physical,
technological, operational, and architectural/crowd-management measures. Some example measures for
consideration on the list were discussed in Section 4. The lists should include measures that currently
exist, if any. The lists should exclude measures that are not feasible to implement or not applicable for a
particular area. For example, within the departure hall, an airport may exclude a new blast-resistant
facade or structural enhancements if terminal construction was just completed. As another example, an
airport would exclude a new blast-resistant facade from consideration at the fuel farm, where it is not
applicable.
5.3.2 Classify
This step will ensure that when combinations of measures are created in upcoming Step 4, measures are
selected based upon their suitability for mitigating the particular vulnerabilities of the area in question.
For example, this process will eliminate behavioral detection as a measure for fuel farm areas. To
complete the measure classification, classify each listed measure with respect to the three vulnerabilities
if it achieves one or more the following:
Life Safety: Mitigation measures should aim to reduce injuries and fatalities to passengers and
people within landside areas. This can either achieved by preventing the attack from occurring or
reducing the consequence of a blast event.
Commerce: Mitigation measures should aim to reduce the commercial consequences from a
blast attack such as investor value, cost of recovery, cost of operational disruption or opportunity
cost of future additional security measures. This can be achieved by either preventing the attack
from occurring or reducing the consequence of a blast event.
Operations: Mitigation measures should aim to reduce the period in which the airport is
operating in crisis-management mode and to improve the efficiency and effectiveness of the
recovery period before returning to normal operations following an attack. This includes
minimizing damage to assets, business continuity preparedness, incident management, and
assisting in the emergency response.
For example, EDCs are classified as a life safety measure because they aim to proactively detect
suspicious persons and neutralize them, thus potentially preventing an attack from occurring and
mitigating the life safety vulnerability. EDCs are typically deployed within areas of crowds and,
therefore, are not considered a commerce or operational-driven mitigation measure.
Table 5-2 lists and classifies mitigation measures under the vulnerabilities of life safety, commerce, and
operations.
• Terminal Finishes and Furniture • Hostile Vehicle • Hostile Vehicle Mitigation (HVM)
Mitigation (HVM)
• Hostile Vehicle Mitigation (HVM) • Evacuation procedures and
• Structural Hardening emergency response
• Structural Hardening
• CCTV • Structural Hardening
• Facade Enhancement
• Security Patrols • CCTV
• Security Patrols
• Vehicle Checkpoint and • Facade Enhancement
• Explosives Detection Canines
screening
(EDC) • Security Patrols
• Access control
• CCTV • Vehicle Checkpoint and
Screening
• Screening of Individuals
• Communication techniques
• Crowd Reducing Measures
• Security management systems
• Vehicle Checkpoint and
Screening • Business continuity preparedness
• Behavioral detection
• Changes to passenger behavior
and habits
• Evacuation procedures and
emergency response
• Advanced Passenger information
5.3.3 Score
Scoring requires evaluating the performance of each measure and assessing how its performance is
effective in mitigating a blast threat. This comprises two factors that are interrelated as shown in Figure
5-4.
Score particular
Identify tiers of strengths and
performance for a weaknesses for
given measure different tiers of
performance
Platinum Detect
Gold Delay
Bronze Inform
Crowd Reduction
Protect People
Protect Property
This step can be customized to identify performance metrics that are important to that airport. More
formally, to encompass the sliding scale of a measure’s performance, measures are divided into four
tiers — Bronze, Silver, Gold, and Platinum. Each tier of a measure is determined based on a subjective
incremental score for various security metrics (e.g., ability to detect, ability to protect, or aesthetics),
with Platinum levels representative of very best practice. It is expected that a Platinum level of
performance carries a higher cost than a Bronze level of performance.
The tier approach is intended to draw out the relative merits and implications associated with each risk
mitigation measure on the “shopping list” rather than an absolute and actual/guaranteed reduction in
risk. The model is purposefully idealized for ease of use, but with that comes the inability to capture all
the complexities associated with operating an airport in a rapidly changing threat environment. For
example, the effectiveness of a security guard measure is dependent upon organizational culture, which
will be unique to the airport, the guard company, and potentially the locations to which guards are
deployed (e.g., terminal versus fuel farm versus tenants). This will need to be considered by the airport,
hence the need for the airport to calibrate the framework model when using it. The model is designed to
provide airports with a greater insight into the implications and value of the various risk reduction
measures so they can in turn make investments that are better aligned to their risk appetite and business
objectives.
Following is a worked example of this step using HVM (as a stand-alone measure) and its effectiveness
across multiple security metrics shown graphically within Figure 5-5. In relation to the definition of
these levels for HVM, please refer to the broad definitions contained within Table 5-3. These definitions
have been formed by weighing cost and performance using professional opinion of already established
measures. It should be expected that a Platinum level of HVM performance carries a higher cost than a
Bronze level of performance. These tables have been developed for all proposed mitigation measures
and are shown in Appendix A.
Tier Description
Provides visual deterrent with limited vehicle physical impairment. Following impact with hostile
Bronze vehicle, vehicle speed largely consistent, leaving the vehicle drivable. Examples include
architectural bollards and raised curbs.
Provides visual deterrent with moderate level of vehicle physical impairment. Following a collision,
Silver a vehicle will sustain heavy damage but may still be drivable. Barriers are generally untested for
hostile vehicle impact. Examples include jersey barriers, trees, street poles, and street furniture.
Provides visual deterrent with high level of physical impairment. Barriers have been assessed using
Gold engineering calculations and analysis. Does not have the impact and penetration assurance
compared to a barrier that has been impact tested.
Provides visual deterrent and significant physical impairment. Barrier is impact rated to ASTM,
Platinum DOS, IWA, or any other industry-recognized standard. Barrier has a suitable vehicle penetration
performance.
Using the scoring metrics on the right side of Figure 5-4, Step 4 of the framework will select
combinations of measures that complement each other. For the framework to achieve this, measures
need to be assigned subjective values to distinguish their means of providing blast mitigation and their
impacts (i.e., ability to deter a threat, ability to detect a threat, adaptability/flexibility, aesthetics, etc.).
An example of what is required for each measure is shown in Table 5-4 and Figure 5-5 for HVM.
Table 5-4. Default Effectiveness Scores for the Various HVM Tiers of Performance
Bronze 0 5 0 0 0 5 10
Silver 0 10 5 0 0 10 15
Gold 0 15 10 0 0 15 20
Platinum 0 15 15 0 0 15 30
Additional default scores have been developed for several mitigation measures and are included in the
Excel-based tool that accompanies this guidebook. The scoring can be customized, but the default
scoring is based out of 100, whereby 0 means a measure has no contribution to the performance metric
and 100 means a measure completely achieves that performance metric (i.e., a Detect score of 100
would mean the threat is detected 100% of the time). Using this scoring system, none of the default
values inputted for measures exceed a score of 40. This is because none of the measures on their own
can achieve such high performance. This is an important realization of managing security mitigations
and should be considered carefully by the user before implementing.
Table 5-5. Factors to Apply to Baseline Cost Estimate for Example Cities
In continuing with the above HVM example, Table 5-6 shows example ROM costs for constructing
HVM at a medium-sized airport. To determine this, a security or blast engineer and potentially civil
engineer would need to be consulted to identify which type of HVM measure is to be implemented,
where it should be implemented, and any construction issues.
Bronze $390,000
Silver $520,000
Gold $1,001,000
Platinum $1,300,000
Each time Step 4 is performed for a vulnerable area, each existing measure should be assigned the
appropriate tier for its current state. For example, when considering the departure hall, an airport may
have jersey barriers that separate the traffic lanes from the pedestrian space. The departure hall HVM
could be assigned a tier of Silver but no costs associated. For measures that are not currently existing but
are desired or known, a different tier can be selected and costs associated with it.
The calculation in this step will identify if effective measure combinations at the departure hall include a
Gold or Platinum level of HVM, thus indicating if improvements to the current state of HVM should be
considered.
While all of the mitigation measures presented within this section serve to reduce the blast risk, they do
so in various ways. Consistent with the traditional layered security approach, this proposed framework
attempts to capture a range of security objectives that act against the threat itself and/or its
consequences. The outcome of this methodology is to provide a basis for security investment spending
across multiple potential and feasible (for that airport) mitigations to achieve the desired security and
business outcome.
As the number of measures increases, an automated process is needed to support the model. The
accompanying Excel-based tool includes this process; customization of the tool is necessary. While a
qualitative approach has been used to calculate and illustrate the relative merits of security
measures, the resulting functional security score itself does not have quantifiable value. The
scoring instead keeps track of the qualitative assessments of measures.
Once the functional security scores are calculated, the decision-making can be evaluated. Figure 5-6
shows an example output of such an assessment. Each blue dot represents a combination of various
security measures for a particular vulnerable area. The combinations plotted in the lower left likely
include only one or two measures, so therefore they are relatively inexpensive and less functionally
effective (low functional security scores). On the other hand, the combinations plotted on the top right
are the most expensive, but also the most effective (high functional security scores).
As an example exercise, if an airport has a budget of $60 million, the most cost-effective, relevant
measure combinations for the departure hall are shown graphically within the red circle in Figure 5-6,
acknowledging there is a degree of error and subjectivity to the measures rather than being an absolute
quantitative assessment. The airport would then evaluate the measure combinations within that red circle
to determine if any of them meet their blast risk objectives for the departure hall. Comparisons can also
be made between expenditure splits (physical, operational, and technology) of all measures under
consideration as shown within Figure 5-7.
Figure 5-7. Example of Expenditure Splits for Security Combinations under Consideration
Taking a broader view of the framework and applying it to various types of airports, relationships or
patterns can be made on the various optimum splits of combinations. For example, Figure 5-8 and
Figure 5-9 illustrate two theoretical outcomes for both an example new and an example existing airport.
For a given cost, two potential combinations of measures have been evaluated. While the new and
existing airports pose very different breakdowns of measures as would have been listed during Step 2,
their overall resulting functional security score is similar. Not surprisingly, the idealized new airport had
a higher weighting of physical measures, whereas the existing airport favored operational measures. It
should be noted that within the framework process, crowd-management techniques are considered to be
operational strategies.
Figure 5-8. Breakdown of Mitigation Measures (Vulnerability-Based): Example New Airport vs. Example
Existing Airport
Figure 5-9. Breakdown of Mitigation Measures (Metric-Based): Example New Airport vs. Example Existing
Airport
Once the effective measure combinations have been assessed, the airport would select which mitigation
measures to employ in that particular vulnerable area. This concludes the framework process (middle
box in Figure 5-10). Returning to the overall risk-based process, the airport would need to confirm that
the implemented measures have reduced the risks and have been managed appropriately.
Residual Risk
Regulations and Implementation
Evaluation; Risk
Risk Assessment (Framework)
Management
The entire framework procedure (Steps 1–4) needs to be repeated for each vulnerable location in
consideration. Refer to Appendix B, which demonstrates a case study of the framework’s
application.
Not included in this process, but an important concluding note, is that identification of the security
strategy on paper is different from its actual implementation; by design, the strategy can only be as good
as how it is implemented by the responsible managers and staff. The framework process should provide
a sound basis to start from, but it does require some level of subjectivity by those implementing it;
refinement and modifications to the outcomes of the framework are undoubtedly required. Furthermore,
the strategy’s effectiveness in operation should be evaluated and re-evaluated on a regular basis to make
sure the strategy is working as intended.
REFERENCES
Airbus. Global Market Forecast. Airbus, 2017. Accessed July 10, 2018.
http://www.airbus.com/content/dam/corporate-
topics/publications/backgrounders/Airbus_Global_Market_Forecast_2017-
2036_Growing_Horizons_full_book.pdf.
Airport Consumer Survey. Programme Brief. DKMA, 2015.
Airports Council International. Does passenger satisfaction increase airport non-aeronautical revenue?
A comprehensive assessment research report. Airports Council International, 2016.
Airports Council International. Landside Security Handbook – First Edition. Airports Council
International: 2018.
American Society of Civil Engineers. ASCE/SEI 7-16 Minimum Design Loads For Buildings and Other
Structures. American Society of Civil Engineers, 2016.
American Society of Civil Engineers. ASCE/SEI 59-11 Blast Protection of Buildings. American Society
of Civil Engineers, 2011.
American Society of Civil Engineers, Structural Engineering Institute. Disproportionate Collapse
Prevention – Draft. 2017.
ASTM International. F2656/F2656M – Standard Test Method for Crash Testing of Vehicle Security
Barriers. West Conshohocken, PA: ASTM International, 2018. http://www.astm.org/cgi-
bin/resolver.cgi?F2656F2656M.
ASTM International. F2912-17 – Standard Specification for Glazing and Glazing Systems Subject to
Airblast Loadings. West Conshohocken, PA: ASTM International, 2017.
https://www.astm.org/Standards/F2912.htm.
Code of Federal Regulations, Title 49. Office of the Federal Registrar, National Archives and Records
Administration, October 1, 2012. Accessed July 5, 2018. https://ecfr.io/Title-49/.
Cormie, D., Mays, G., and Peter Smith. Blast Effects on Buildings, 2nd edition. Thomas Telford, 2009.
Directive on the use of passenger name record (PNR) data for the prevention, detection, investigation
and prosecution of terrorist offences and serious crime. The European Parliament and the
Council of the European Union, April 27, 2016. Accessed July 5, 2018.
https://www.eraa.org/system/files/directive_681-2016_on_pnr_-_final.pdf.
Foglar, M., Pachman, J., Pelikan, V., Hajek, R., Künzel, M., and Martin Kovar. (2014). “The structural
response of a reinforced concrete specimen subjected to adjacent blast loading.” WIT Transactions on
the Built Environment 141 (2014): 171-179.
Government of Singapore. Infrastructure Protection Act 2017. Government of Singapore, 2017.
Accessed July 5, 2018. https://sso.agc.gov.sg/Acts-Supp/41-
2017/Published/20171031?DocDate=20171031.
Hadden, J.D., et al. “Blast Events: Building Design for Extreme Events.” Structure Magazine, January
2007.
The Institution of Structural Engineers. Practical guide to structural robustness and disproportionate
collapse in buildings. IStructE Ltd, October 2011.
International Air Transport Association. Airport Development Reference Manual, 9th edition.
International Air Transport Association, January 2004.
International Air Transport Association. Airport Development Reference Manual, 10th edition.
International Air Transport Association, March 2014.
International Air Transport Association. Passenger Data Toolkit. International Air Transport
Association, 2013. Accessed July 5, 2018. http://www.iata.org/iata/passenger-data-
toolkit/presentation.html.
International Civil Aviation Organization. Annex 9 to the Convention on International Civil Aviation.
Quebec, Canada: International Civil Aviation Organization, October 2017. Accessed July 5,
2018. https://www.icao.int/WACAF/Documents/Meetings/2018/FAL-
IMPLEMENTATION/an09_cons.pdf.
International Civil Aviation Organization. Annex 17 to the Convention on International Civil Aviation.
Quebec, Canada: International Civil Aviation Organization, March 2011.
International Code Council. International Building Code 2018. Country Club Hills, IL: International
Code Council, Inc., 2018. Accessed July 5, 2018.
https://codes.iccsafe.org/public/document/IBC2018.
IWA 14-1:2013 – Vehicle security barriers – Part 1: Performance requirement, vehicle impact test
method and performance rating. International Organization for Standardization, 2014.
Lees, Eliot. Enhancing the Passenger Experience. ICF, September 20, 2016.
https://www.icf.com/resources/white-papers/2016/enhancing-the-passenger-experience.
National Safe Skies Alliance, Inc. PARAS 0004 – Recommended Security Guidelines for Airport
Planning, Design, and Construction. National Safe Skies Alliance, Inc., February 2017.
Accessed July 5, 2018.
https://www.sskies.org/images/uploads/subpage/PARAS_0004.Recommended_Security_Guideli
nes.FinalReport.v2.pdf.
National Safe Skies Alliance, Inc. PARAS 0009 – Guidance for Security Management Systems (SeMS).
National Safe Skies Alliance, Inc., March 2018.
https://www.sskies.org/images/uploads/subpage/PARAS_0009SeMS_Guidance-Final.pdf.
National Safe Skies Alliance, Inc. PARAS 0013 – Managing Congestion in Public Areas to Mitigate
Security Vulnerabilities. National Safe Skies Alliance, Inc. September 2018.
Odoni, A. and R. de Neufville. Airport Systems, Planning, Design, and Management. McGraw-Hill,
2003. Ch. 15-4, 645.
PAS 68:2013 – Impact test specifications for vehicle security barrier systems. British Standards
Institution, 2013.
PAS 69:2013 – Guidance for the selection, installation and use of vehicle security barrier systems.
British Standards Institution, 2013.
IP Internet Protocol
IT Information Technology
msec Millisecond
RC Reinforced Concrete
TNT Trinitrotoluene
• In 2016, there were more than 200,000 canine utilization hours throughout the nation’s
transportation system.
• Canine teams work at more than 100 of the nation’s airports, mass-transit, and maritime systems
CONSIDERATIONS
Asset owners may want to procure canine programs from external providers as the costs of such
programs are extensive: approximately $35,000 for the dog and training and $6,000 annual welfare
costs.
Key factors to consider when using explosives detection canines include:
• A single dog may operate for up to 8 hours per day with alternating on-duty/rest shifts of 30–90
minutes.
• Welfare and rest facilities (air conditioning, water, defecation) are required that may not be
available in transport areas.
• Dogs are trained to detect specific scents; programs may take 15 weeks for explosives and 25
weeks for a broader range of chemicals.
• Detection canines can either be trained to detect illicit drugs or explosives, but not both.
• Conventional explosives detection canine handlers undergo a 10-week training course. Passenger
screening canine handlers undergo a 12-week training course.
EFFECTIVENESS
• Dogs are able to detect explosive material through sense of smell rather than visual observations.
• Dogs can act as a deterrent.
• Explosives detection canines can be deployed on a risk basis and to new and existing terminals.
• Dogs can be deployed anywhere within the FoH areas.
• Dogs can be used for random searches.
• Dogs are effective in areas of patrol, depending on the number and frequency of patrols.
• Canine detection can be subject to handler biases.
• Dogs are normally trained to detect commonly used explosives such as TNT, C4, commercial
dynamite and Semtex. As terrorists adapt with different devices containing household chemicals
(e.g., TATP), the challenge of detection becomes harder.
• Compared with other pre-entry screening processes, it may eliminate long queues, as it allows
passengers to keep all their clothing on during the inspection—including coats, jackets, leather
items, etc.— without the need to remove those items before entering the system and then put
them back on after exiting.
• Most systems are portable and easy to install, and therefore can be effectively deployed on a
random basis to provide a deterrence and detection measure.
• The equipment supports a wide range of deployment scenarios that may be applicable to all types
of airports.
• Deployment of pre-terminal screening systems improves deterrence and detection capabilities,
while blast hardening mitigates the impact and consequence of any attack.
• These systems may be preferable to use for staff screening rather than passenger screening.
Passengers may carry other baggage that will trigger alarms if they go through the equipment.
Further operational evaluation and experience may be required to establish false-positive alarm
rates.
• The equipment provides an effective deterrence, but is unlikely to be a measure that can be
deployed 24/7 at all terminal entrances because it could cause unacceptable delays and also
create queues in public areas, which in itself would be a vulnerability.
• Some of the screening systems include facial recognition cameras. These can monitor persons
going through the system and then scan databases against a watch list or employee database. This
depends on the operator of the system having a suitable database with the right biometric, and/or
having access to such a database. In the case of an employer list (for example, at a staff access
post) this would probably be feasible, while in the case of a public entrance, owners of watch
lists or relevant databases may not be willing/able to share them (even assuming the database
includes the right biometric, such as facial recognition) and therefore, at this time, the potential
for finding known terrorist suspects could be limited by the availability of databases to the
system operators. However, the ability to integrate the screening process with a facial
recognition system does exist. If the equipment operator was an LEO, the ‘access to database’
obstacle may be overcome, at least in part. System integrators are analyzing the potential for real
time tracking of individuals through the terminal based on a range of biometrics, including facial
recognition, and physical characteristics, such as walking gait.
• Response to any alarm is critical and needs to be set out in a detailed ConOps, to clarify whether
the person should be stopped and the cause of the alarm verified, or tracked using technology or
Behavior Detection Officers.
• Theoretically, the system could be deployed without staff and could operate discreetly, with
alarms being sent to a control room and the person being tracked in the terminal, but this would
depend on false/false-positive alarm rates.
• It would also depend on the availability and proximity of response agencies.
or access control measures in place. An option using a combination of Automated License Plate
Recognition (ALPR) and physical measures to manage and mitigate this may be viable.
ALPR can record and display the registrations of all vehicles entering or leaving a site. Vehicle
screening system (VSS) cameras can record all other site activity, which can be viewed and controlled
from a single location.
ALPR could be used for loading docks and pre-authorized vehicles, but the technology will only identify
a specific vehicle registration. The vehicle and/or the driver/occupants may still present a threat.
Airport operators issue permits or passes to vehicles operating airside. Some airport operators may
implement a known vehicle process that may involve issuing a landside pass. This may provide a degree
of reassurance for vehicle status, but some airports do not recognize value in such programs on the basis
that the system may identify vehicles but not necessarily the threat they may pose.
CONSIDERATIONS
• ALPR VSS also include options for capturing image and vehicle registration details to keep on
record.
• ALPR will need to be used in conjunction with physical measures, such as hostile vehicle
mitigation road blockers, barriers, bollards, or gates, to ensure a physical barrier.
• Sufficient space must be allocated for installing physical measures as well as ALPR systems.
EFFECTIVENESS
• These systems may prevent VBIED in car parking through deterrence.
• Passengers are required to register details before arriving and parking their cars.
• All airport employee vehicle details can be stored in ALPR database. This can be effective in
preventing hostile vehicle ramming of critical infrastructure that employees can access.
• While ALPR can identify vehicles and individuals, it cannot validate capability and intent (e.g., a
vehicle may be legitimate in the sense that it is ‘known’ but still contain a viable VBIED).
Vehicle Checkpoints
SUMMARY
Below are some examples of vehicle checkpoints on approach roads:
• Brussels airport employed trained behavior detection enforcement officers/soldiers for spotting
suspicious vehicles on roads leading to the terminal drop-off.
• Ben Gurion Airport has a vehicle checkpoint.
• Other airports may also utilize vehicle checkpoints on approach roads, typically when threat and
risk context requires an additional layer of protection. An example was Belfast International
during the 1990’s when local PIRA activity posed a serious threat.
In these types of instances, the checkpoint may be manned by Police/LEO or military, and will be
located a significant distance from the airport terminal. The actual process may vary according to the
threat and risk (and also can be varied specifically to provide unpredictability), but may include:
The process of searching vehicles is time consuming, so to process vehicles into airside, airport
operators often compartmentalize each vehicle into five areas such as trunk, under hood, interior, glove
box, and underside. This provides two variables to work with in changing threat and risk contexts: the
number of compartments to be searched and which compartments are searched for each vehicle.
Airports can use Under Vehicle Video Surveillance (UVVS):
• Vehicles are required to slow down as they drive on Brussels airport approach road. This is to
allow officers/soldiers to carry out a non-stop visual inspection of the vehicle.
• If an officer/soldier notices anything suspicious, they can stop vehicle and ask for ID
documentation.
• This practice may slow down traffic and cause congestion.
UVVS:
• These systems may slow down traffic and therefore cause delay (but this can bring a security
benefit).
• A typical throughput speed is 18 mph.
• These systems can either be mobile, which may take around 20 minutes to deploy, or static,
which is installed in a small pit in the entrance road.
• UVVS can be integrated with ALPR.
EFFECTIVENESS
• Vehicle checkpoints are extremely effective in deterring a threat.
• From an operational point of view, UVSS and vehicle checkpoints will disrupt traffic flows and
may lead to congestion.
• Provision can be made for vehicle checkpoints on approach roads, and then they can be
operational on a random basis, or when required by threat and risk assessment.
• As first point of contact with the airport for many passengers, a vehicle security checkpoint can
be intimidating and create an adverse passenger experience.
• Vehicle checkpoints are facilitated if approach roads accommodate a dedicated lane for
processing any vehicles that require secondary inspection.
• Trace detection on vehicles is an effective detection process that could be introduced into the
vehicle checkpoint operation. (This is currently deployed at UK ferry terminals and the UK
Channel Tunnel).
• UVVS will not detect threat items within the vehicle.
• Depending on space capacity on approach roads, it can be easy to deploy temporary vehicle
checkpoints on approach roads (e.g., after March 2016 attacks, Brussels Airport deployed a
vehicle checkpoint on the approach road leading to the terminal, where vehicles were asked to
slow down and soldiers standing in between lanes visually inspected drivers to spot anything
suspicious).
• Vehicle scans can be performed in either static or mobile configurations. The static system is a
permanent deployment and is installed on or below the road surface. The mobile system is a
rapidly deployable portable version that is integrated into a heavy-duty rubber ramp assembly.
The static system is housed in a small pit in the road at the entrance to a security area. It can be
easily retrofitted into existing search bays and is non-intrusive to the driver. The mobile system
takes only 20 minutes to deploy. Durable and suitable for any temporary security measure, this
technology can also be used for permanent installations where alterations to the road surface are
not possible.
The use of coded messages and announcements encourages employees to be extra vigilant, without
alarming passengers; this method is employed by some airports very effectively.
Other related methods include running a staff vigilance campaign.
CONSIDERATIONS
• These techniques are an extremely cheap mitigation measure.
• They promote a ‘reporting’ culture where all airport staff feel involved in ensuring security.
• Advanced communication techniques should be considered as part of a wider security culture
initiative such as a Security Management System (SeMS).
EFFECTIVENESS
• These techniques may be extremely effective for deterring a threat.
• They can disrupt a hostile reconnaissance.
• Management commitment
• Threat and risk management
• Accountability and responsibilities
• Resources
• Performance monitoring, assessment, and reporting
• Incident response
• Management of change
• Continuous improvement
• Training and education
• Communication
EFFECTIVENESS
For security management to be effective, it has to be a continuous cycle that includes a threat and
vulnerability assessment, the identification, capture, and analysis of risk, and the generation and
continuous review of risk-mitigation plans. Risk is a dynamic area and will require continual review
against an ever-changing threat landscape.
• There is an increased use of internet check-in, potentially resulting in less crowding at check-in
desks as passenger go directly to the security checkpoint and into the airside area of an airport.
• There is an increased use of self-bag drop, which may mean there is less crowding at check-in
desks. Possible use of off-site hold baggage check-in/drop-off should be considered.
• There is an increased use of remote bag-drop. Hong Kong International Airport has an in-town
check-in. Airport Express travelers can check their luggage in town and then proceed to the
airport bag-free. In-town check-in service is provided for any passenger with baggage where the
total size does not exceed 58 inches (length) x 39 inches (width) x 33 inches (height) and weight
not exceeding 200 lbs.
• A higher percentage of passengers have cabin baggage only (due to airline fees for hold
baggage), which may mean less crowding at check-in/bag drop desks.
EFFECTIVENESS
• These techniques reduce the potential for mass casualties and deaths, as there is less crowding.
• These measures are more concerned with people security rather than airport infrastructure
security. Most of these measures are customer service-driven, but nevertheless introduce a
security benefit. All of these measures require airports, airlines, and other stakeholders to be
involved. Processes that take place off-site can reduce the risk exposure.
Security Patrols
SUMMARY
Perimeter patrols serve as a deterrent to breach attempts, allow for identification of persons on the
airfield who may have breached the perimeter, and enable inspection of the perimeter fence to locate
where breaches occurred or were attempted.
It is a common practice for perimeter patrol to be carried out by security personnel, LEOs, airport
operations staff, maintenance staff, or any combination of these groups. In some airports, operations
staff may carry out perimeter and airfield patrol duties, while in others, security staff and LEOs are
trained in and carry out some operations duties.
Where threat and risk context requires, airport operators will also arrange a security presence at
pickup/drop-off zones to ensure that vehicles are not left unattended. In the United States, this is usually
provided by airport staff, but may be supplemented by an LEO presence when required for traffic
management. Occasionally, patrols and security staff presence is supplemented by signage and
announcements to ensure that travelers are aware of the security requirements―but this is not always
the case.
CONSIDERATIONS
• The patrol of large airports may take several hours and require getting in and out of the vehicle to
ensure perimeter integrity. In some cases where airports use fencing that allows a vehicle to
breach under the fence, the fence may return to its normal position so that a breach may not be
noticeable.
• In some cases, portions of perimeter fencing must be inspected from landside due to factors such
as wetlands and wooded areas.
• Inspection of fencing around terminals and other busy areas where cargo containers and other
equipment are parked may require patrol observation from landside.
• In some very small airports, LEOs are required to be present at the passenger screening
checkpoint, to patrol inside the terminals, enforce the challenge program, monitor vehicles at
terminal curbsides, and patrol the Secured Area, which leaves little time for accomplishing
multiple perimeter patrols during an individual shift.
• The presence of security patrols walking or driving up and down the pickup/drop-off zones to
ensure that vehicles are not left unattended will add to the security costs of the airport. A more
cost-effective method would be to limit the space allocated for pickup/drop-off zones.
• Pickup/drop-off and loading zones should be set as far away from the terminal as practical to
minimize the blast effects of a vehicle bomb. Planners should consider the use of moving
sidewalks or access to luggage carts to help passengers bridge the gap.
EFFECTIVENESS
• Airports are always seeking to optimize the patrol mission, and often use increased frequency,
reconfiguration, and unpredictability of patrol tours in their efforts.
• Allocating enough space at pickup/drop-off zones to park a police car may act as a cheap measure of
deterrence.
Barriers are commonly concrete-filled steel bollards or concrete knee-walls, with robust reinforced
concrete foundations. Other anti-ram features such as berms, planters, or trees may also be used, but
unless they are specifically designed to resist malicious vehicle attacks, they may only provide a visual
deterrent.
Crash-test certification standards, such as ASTM F2656, PAS 68 & 69, and IWA 14 are typically used
to specify the performance of the barrier. A barrier rating is based upon the vehicle size and approach
speed, its angle of impact with the barrier, and how far the vehicle can penetrate the barrier, if at all. An
engineering evaluation, often called a vehicle dynamics assessment, which takes into account achievable
radii of curvature for specified vehicle sizes, speeds, and road layouts, is typically performed.
Penetration is often restricted to 1 meter, and for trucks is based upon the distance that the front of the
cargo bed reaches past the original/reference point of the barrier at any time during the test.
In addition to physical barriers, a hostile vehicle mitigation (HVM) strategy may include operational and
technological methods that help detect or deter hostile vehicles. This can include measures such vehicle
screening and license plate video camera analytics. These measures are addressed separately.
Airports often implement HVM in some form, but a holistic strategy to address highest risk areas by
means of physical, operational, and technological measures may be overlooked.
CONSIDERATIONS
• Physical barriers as part of an HVM strategy may take away from the aesthetics of an airport
terminal.
• Typically, barriers are performance specified to be certified or to meet a crash-rating. Unless
conditions allow for deep foundations (i.e., no utility disruption or elevated slabs), installation
without any engineering analysis is difficult.
• Integration of HVM with site landscaping is imperative for using resources effectively (i.e., if the
landscaping considers HVM, explicit vehicle barriers may be redundant) and creating an
aesthetically-pleasing environment that is also secure.
• For elevated slabs such as at the raised departures-level viaduct of an airport, shallow-mount
barriers are required because standard depth excavation for the foundation is not possible.
• HVM is most applicable to terminal drop-off and pickup roadways.
• Placement needs to allow for vehicle doors to open and passengers to flow freely.
• Temporary/portable barriers may be deployed, but are less common and cannot achieve as high
of a crash-rating.
• Removable/operable barriers provide flexibility for use.
EFFECTIVENESS
• Physical HVM barriers do not have detection capabilities.
• HVM is an effective visual and physical deterrent.
• Little maintenance is required for physical barriers.
• No operational support is required for physical barriers.
• When specified and deployed appropriately, HVM is highly effective.
• HVM is sometimes deployed without consideration of a vehicle dynamics assessment, nor in a
holistic manner that considers other measures such as vehicle screening; this results in a less
effective design.
• Many HVM deployments are falsely assumed to be anti-ram or otherwise have unknown
performance (i.e., planters that are not crash-tested are often deployed in front of doors).
• HVM can be expensive.
• In large stretches of areas, barriers cannot be fully deployed due to limited resources; therefore,
this limits their effectiveness in certain scenarios.
• Barriers are generally permanent and thus not flexible to change with changing threat
environments or site reconfigurations.
• Failures may occur due to a vehicle being larger or having a greater speed than was determined
credible. Failures may also occur if removable bollards are used and the bollard is not replaced.
Failure may also occur due an improper assessment of where the barriers should be located.
Structural Hardening
SUMMARY
The primary physical hardening objective for blast mitigation should be to limit structural collapse. This
will reduce risk of casualties. ASCE 59-11 defines reasons for blast enhancements in general.
Structural hardening is often provided to critical or primary structural elements, followed by secondary
structural elements, which may be allowed to experience slightly greater damage than primary elements.
Structural robustness is often included as a goal, which involves designing a structural system to sustain
local damage without failing to any great degree.
Hardening consists of increased shear and flexural strength as needed to withstand the loading
associated with the design basis threat. Additionally, increased capacity in connections is provided in
order to promote a ductile/flexural response rather than failure of members at their connection points.
CONSIDERATIONS
• Architectural furring or coverings may be installed on columns to reduce the effects of a PBIED.
• Locating high-risk areas for VBIEDs as far away from the building as possible will help reduce
the effects on structural hardening.
• Hardening of a parking garage against progressive collapse significantly increases the cost, and
is often not considered due to the lower occupancy and lower risk of downtime associated with
the loss of a parking garage.
• The minimum structural integrity provisions defined in US building codes, such as the IBC and
ASCE 7, provide a small degree of tying and otherwise include the general requirement that
collapse should not be disproportionate to the cause. Tying provides a minimum/baseline level of
robustness and is not based upon any specific initiating event (i.e., an explosion). Specific
progressive collapse analysis criteria to resist a design basis threat, such as an explosive event,
are not mandatory unless elected by the owner or authority having jurisdiction. There are a few
guidelines that are used as best-practice, primarily the UFC 4-023-03. Additionally, the
Structural Engineering Institute of ASCE is currently drafting a design standard. Using these
methods for blast resistance, a structure is explicitly designed to achieve an identified
performance after the loss of columns.
• Protection of critical infrastructure should be considered. A hardened envelope (i.e., reinforced
concrete walls) may be installed around fuel tanks or power supplies that are especially
vulnerable to PBIED or VBIED threats.
• The costs associated with structural hardening for an explosive event are often significant.
However, when considering the risks associated with costs of potential structural loss, downtime,
and casualties, it is often considered to some extent in terminal design.
• Retrofit of structural elements is difficult, but achievable.
EFFECTIVENESS
• Increasing the robustness of a structure is an effective means of preventing casualties
disproportionate to the event, but will not prevent casualties caused by the primary blast load
effects and fragmentation.
• Structural hardening will also reduce the risk of major downtime, such that only minor repairs
are required instead of major structural repairs.
• It is not economically feasible to harden a large structure like a terminal facility to prevent
damage in the event of all viable VBIEDs.
• Structural hardening is permanent and not flexible to change with a changing threat environment.
• These measures can incur large costs, particularly for retrofit activities.
Facade Enhancement
SUMMARY
The hazards created from glazing failure in an explosion are lethal. Monolithic glass is a brittle material
that fails suddenly and fragments are projected at high velocities. However, with a properly designed
blast-resistant laminated glass facade, the glass can respond in a ductile manner and the fragmentation
hazard can be reduced.
ASCE 59-11 recommends that exterior structural and non-structural elements be designed and detailed
to reduce the potential of a breach that would allow overpressures to enter the building. Additionally,
ASCE 59-11 recommends flying debris be minimized to reduce the potential for hazardous secondary
fragments.
Laminated glass with a polyvinyl butyral (PVB) interlayer used for blast resistance is highly ductile
when loaded at high strain rates, and will stay bonded to the glass after the glass has cracked.
Blast performance of glazing is typically based on the GSA Performance Condition scale, which is
based upon the distance glass fragments enter the space after an explosion (if at all). Ratings range from
Performance Condition 1 – No Breakthrough to Performance Condition 5 – Hazardous Failure. Typical
performance for a blast-resistant facade is between Performance Condition 2 and 3B.
Glass performance is also measured using ASTM F2912-17 hazard ratings. The hazard ratings are
measured H1 through H5, and have corresponding descriptions of glazing response from no glass
breakage through moderate hazards, similarly measured to GSA Performance Criteria via how far
fragments enter the space.
CONSIDERATIONS
• An essential part of laminated pane design is the detailing of the edge retention and frame and
fixings to support the glass. Laminated glass on its own may not provide appropriate
enhancement. The glass should be designed to remain in the frame and the frames should be
designed to carry the load of the glass.
• For retrofit, adhesive film can be applied to the inside surface of a pane to hold the glass
fragments together. A cable catchment system or mechanical anchorage of the film to the frame
may be warranted since proper detailing of the rebate in retrofit scenarios is not possible.
However, this may be a difficult retrofit for large airports that have large landside façades on
their terminals.
• Application of structural silicone sealant is required between the glass and the frame; otherwise,
large capture of the glass within the frame is required.
• The structural system needs to be designed to take the load from the facade.
• Glazing not only includes the exterior facade, but balustrades, handrails, smoke screens, and
overhead glass that may shatter.
• Maximum pane size may be limited; similarly, minimum pane size may be limited, especially if
there is a balanced design requirement.
• Balanced design is sometimes considered, where the frames and anchorages and supporting
structure are designed to withstand the maximum capacity of the glass, rather than the load that
is transferred as a result of the design basis threat. This provides some robustness in that it is
threat-independent; however, it can be a costly design requirement.
• US facade manufacturers have primarily blast-tested their products to prescribed government
criteria; deviation from this requires custom design by a blast engineer. Often, standard designs
do not fit within the aesthetic or architectural intent of an airport.
EFFECTIVENESS
• Properly designed glazing systems that achieve GSA Performance Conditions between 1-3B can
significantly reduce casualties in the event of an explosion and eliminate or reduce the blast
pressures that enter the building interior.
• Laminate can reduce fragments.
• Allowing a percentage of facade failure is often considered for economic reasons; this may
reduce the effectiveness of the mitigation in areas directly near the explosion.
• The measures, once installed, are permanent and not flexible.
• Failure can occur if the design basis threat is greater than what was designed, or if rebate
detailing was not specified properly.
• Failure can also occur if the supporting structure is not properly designed to withstand the greater
strength of the glass system. Blast-resistant facades are increasingly common at airports. The
cost is not insignificant; however, the cost-benefit is often judged to be worth the investment.
CCTV Analytics
SUMMARY
In the most basic sense, CCTV analytics are the application of computer vision on surveillance camera
feeds so that security guards do not have to stare at computer monitors for hours on end. The premise is
based on quantifying the events that may interest a security team (and others as well, such as
departments of transportation and retail, for example) so that a computer is able to then bring a particular
camera’s feed to the guard’s attention upon trigger.
The analytics most applicable to blast prevention are listed below. Each manufacturer may have
different names for their own implementations.
• Object left behind: Items such as bags and suitcases can be detected in feeds, especially when the
computer can compare to a baseline of the camera’s view (at a time with no people or other items
present). Settings can usually be set for how long an item can be in the scene unattended (when
no nearby person is detected) before alarm trigger.
• Virtual barrier: A line can literally be drawn on the feed of a camera so that the system is
triggered when a moving object is seen crossing that line.
• Smoke detection: Especially in outdoor areas, smoke can sometimes be detected through CCTV
feeds faster than by standard detectors.
• Person tracking: One person of interest will usually be captured by multiple cameras at slightly
different times. Some video analytic systems are able to detect the same person and/or item in
multiple feeds and automatically piece together a chronological montage of this footage, as long
as these feeds are synchronized properly. This can be used to actively or forensically track a
person and/or thing throughout an entire site automatically.
• Behavior: More advanced analytics are able to make use of machine learning to become more
robust over time. The computer is continuously establishing baselines depending on what is
captured by the camera during normal operations and is then able to detect abnormal behavior.
One example may be a camera that looks at a train tunnel where train exiting happens many
times a day, but the analytic is triggered if it notices a car going into the tunnel in the opposite
direction.
Other common analytics that can also play a role in blast prevention include more specific detection,
such as facial and license plate recognition.
CONSIDERATIONS
• As with general design of a video surveillance system, including both the head-end equipment
and the cameras deployed around a site, proper thought must be given to enabling each feed to
have sufficient definition in order to perform the desired analytic. For example, facial detection
analytics are often quoted to require higher than 60–80 pixels per foot at the target length away
from the camera, which is also subject to depth of field, lighting, and other conditions. For
applying analytics to a system of cameras that has already been installed, one must consider each
camera’s environment and specifications beforehand.
• Legacy CCTV systems are often able to be upgraded with analytic capability, even older analog
systems. There are certainly restrictions that vary by manufacturer, and the method of
implementation (whether the analytic is being run on the edge device out in the field or on the
head-end server) and different licensing models can also complicate things. Some companies
even sell small physical attachments that can be retrofitted into the transmitting wire of an older
CCTV camera to enable analytics on it. Whether the analytics are calculated on the edge or in the
head-end could have a large influence on the amount of data being transmitted over the network.
• Some analytics such as license plate reading may require the use of an additional server to store
and sort through the database(s) of records. If these servers are not on the same local network of
the video management system, further consideration into firewalling this connection is
necessary, especially if that database is hosted by external agencies.
• Different manufacturers have different ways of implementing the same analytic. Video
surveillance regulatory organizations such as the Open Network Video Interface Forum
(ONVIF) and the Physical Security Interoperability Alliance (PSIA) are mainly concerned with
ensuring that camera technology, including analytics, is able to work across multiple different
systems; these should not be mistaken as agencies that make sure the analytics meet any sort of
minimum performance criteria.
EFFECTIVENESS
• As is with most of the technology world, the field of CCTV analytics is rapidly changing; to take
a snapshot of its current effectiveness at any given time may not be indicative of even a few
months later. Most manufacturers do not publicize failure rates, which could include both false
positives and neglecting or missing the accurate identification of an item/person, but in their
defense, it is difficult to quantify this as a statistic independent of other factors or even against
rates of human monitoring. There seems to be a tendency in the airport industry to be hesitant to
trust a computer to conduct this type of work, but the independent testing organization IP Video
Market Info has shown at least some analytics use/acceptance steadily climb to north of 80%
among responders in 2016.
• Modern computer processing has turned analytics from what was mostly only able to be used as
a forensic tool into a live, real-time monitoring detection system. Even implementing basic
analytic functionality can allow for fewer guards to be needed in a security operations center,
which could in turn allow for them to be deployed on site. The fact that many video management
systems are embracing mobile device access enables guards to be instantly notified of events,
complete with location and video, right on their smartphones.
• A well-designed CCTV system that has both identification capability (resolution) at key points,
as well as overall awareness (coverage), can be enhanced with analytics without the need of
changing out the physical devices; remotely-deployed firmware upgrades allow for fast and
efficient system improvement.
LiDAR 3D Detection
SUMMARY
Light Detection and Ranging (LiDAR) projects a laser onto an object and measures the time it takes for
the beam to return to the source, after which the distance travelled by the light is used to determine
distance. When this laser is directed in many different directions via a rotating mirror, it is able to
reconstruct a 3D scan of a scene. Traditional LiDAR scanning can take many minutes as a scanner
rotates 360 degrees on a tripod to capture everything in high detail. However, lessening the detail
(amount of points captured per square meter, for example) can greatly speed up the process, enough so
that real-time 3D awareness can be attained. This use of the technology has its roots in autonomous
vehicles but the security industry is quickly realizing how it can be used for surveillance. A real-time 3D
map of an area can supplement CCTV analytics for further detection capability, especially in places with
low CCTV resolution and therefore lower analytic efficacy.
CONSIDERATIONS
• LiDAR is not able to detect 3D through physical geometry. In the 3D scanning sector, this fact is
overcome by simply moving a scanner to different points around a site and then stitching these
disparate scans together to reconstruct a cohesive overall scene. The solution for implementing
this in a real-time detection system is similar but instead of moving the scanner, a network of
different scanners can be planned and installed to cover for each other’s blind spots, as well as
have enough overlap with one another to capture the full area. Individual scanners typically have
a range of 100 meters; combining multiple scanners will extend this reach.
• Because enabling real-time scanning is achieved through the coarsening of resolution, LiDAR is
best used when supplementing another system such as CCTV analytics. This currently would
involve custom applications that make use of various software development kits given that the
technology is fairly new. LiDAR detection is able to classify objects based on their absolute size
(vs. 2D camera feeds that can only judge relative, pixel-based size) and can therefore filter out
objects smaller than, say, a small human before triggering alerts. The scanners themselves are
small devices that can be installed just like CCTV cameras. They rotate their laser emitter and
receivers at high frequency to capture at a 360-degree horizontal field of view (FoV) although
their vertical FoV is drastically reduced, which necessitates clever planning of the system’s
physical layout. Once set up, the technology requires no active human intervention.
EFFECTIVENESS
Even though it is in real-time (up to 20 frames/second), this low-resolution 3D scanning is not a security
solution until used in conjunction with something else, such as a video management system (VMS).
Upon recognition of a large enough object, the LiDAR system can transmit precise coordinates to the
VMS, which could in turn pan and zoom a camera to get a visual and bring it up on a security guard’s
screen and/or mobile device. The 3D nature of the scan is certainly more robust than using a tracking
CCTV analytic for this same purpose.
While not demonstrated, a system such as this and its Application Programming Interface (API) could
be leveraged for other uses such as people counting. In essence this can provide another Big Data source
that can be used for future planning.
CONSIDERATIONS
• While manufacturers will provide the supporting network infrastructure, there are too many
different models of cellular devices in circulation to guarantee that each is compatible with each
program’s mobile website and/or app. It is also subject to the network’s uptime and individual
cell connections of those devices.
• Pinpointing specific locations inside buildings is not attainable solely by using GPS and the
emergence of better technologies might be required to fully realize the benefits of these systems.
• When location tracking is functioning fully, these networks are able to locate any person on the
system. And even though there are assurances by manufacturers that this feature is disabled once
the app/site is closed, there will still undoubtedly be privacy concerns.
• Implementing these systems that are open to letting the public report suspicious activity can also
make them subject to being manipulated. Similar in concept to a Distributed Denial-of-Service
attack, a group of people can plan to disable the system by flooding it with massive amounts of
false data.
TIERS OF PERFORMANCE
Facade Enhancements
Structural Enhancements
Crowd Mitigation
CCTV
Screening of Individuals1
Security Patrols
Vehicle Screening
Resilient Finishes
Behavioral Detection
Airport Overview
The fictional airport considered for this case study is a major international airport, servicing
approximately 35 million passengers each year (for both domestic and international travel) with planes
departing every 2 minutes.
For the purpose of this case study, the airport is characterized by the following elements:
Characteristic Description
U-shaped A U-shaped roadway leads to the terminal pick-up/drop-off areas. This roadway is one-
roadway directional.
A multistory parking garage stands approximately 300ft away from the terminal, connected
Public parking
by a pedestrian walkway and road crossings.
Loading dock The loading dock is adjacent to the building at arrivals level.
The pick-up/drop-off areas are located outside the terminal entrances. Cars pull into parking
Pick-up/drop-
bays (with an unenforced time limit of 5 minutes) to drop off or pick up passengers. Bus pick-
off area
up zones are located in designated areas.
Terminal
The terminal has a glazed facade with automatic sliding doors to facilitate entry.
facade
The terminal entrances open into the check-in hall. Electronic check-in terminals are located
Check-in hall closest to the entrances, with a number of rental car tenancies occupying the wall-side of the
structure. A queuing area is facilitated by rope barriers.
Security Passengers for domestic flights proceed directly to security screening following their check-in
screening and then on to their boarding gate.
Baggage claim Arrivals head to the baggage claim hall that has approximately 12 baggage carousels.
Large cylinders containing jet fuel for flights are located landside approximately 150ft from
Fuel farm
the terminal structure.
Data centers are located within the terminal building. These are within the airport’s back-of-
Data centers
house area, segregated from the public area by a secure corridor.
Airport age Approximately 25 years.
The structural characteristics of the airport include: steel beams with concrete floor, steel roof
Structure and columns. The baseline structural design already considers design against
disproportionate collapse.
The airport is currently at a heightened threat level due to a recent bombing attack at an
Threat level
airport abroad. The selected mitigation measures reflect this threat context.
Life
Location Description Commerce Operations
Safety
Life
Location Description Commerce Operations
Safety
This section outlines the various operational, technical, and physical mitigation strategies that this
airport can implement to reduce the potential consequences of VBIED threats. The below sections
describe mitigation measures that could be applied to manage this risk.
Step 1 of the framework process has been completed during the risk assessment (see Table B-1). Step 2
incorporates listing the measures that can be used to mitigate this risk at this particular airport.
Physical
Physical mitigation strategies provide a passive benefit against a blast threat by directly mitigating the
effects that harm people and structures. Physical measures that may be implemented include:
• Impact-rated vehicle security barriers such as bollards. These barriers create standoff between a
VBIED and terminal facade, but also provide anti-ram capability, preventing a VBIED from
entering the building space
• Anti-shatter film (ASF) applied to glass panels to reduce fragmentation from entering the interior
terminal space from an outside explosion
• Installing replacement blast-resistant facade systems with laminated glass and blast-resistant
frames
• Enhancing existing overhead equipment anchorages to reduce overhead equipment falling from a
height
• Installing architectural furring and cladding around columns
• Installing fiber-reinforced polymer (FRP) wraps on concrete columns or concrete encasement
around structural steel columns.
Operational
There are several operational control measures that an airport can implement to reduce the impact of
VBIEDs. These measures generally do not reduce the effects of a blast, but predominately act as a
means of detection and deterrence, and potentially have the capability to disarm an assailant in some
instances. Operational measures often work best when implemented in tandem with technology.
Technology
Technological solutions can be used to enhance the effect of operational staff in detecting and deterring
blast threats. The following may be undertaken to enhance the airport’s electronic security systems, or
provide additional tools for operational staff to mitigate against the VBIED threat:
• Monitored CCTV surveillance of vehicles on and before the terminal roadway. This may be
supported by CCTV analytics to identify idle vehicles (or unusual vehicle behavior) in
designated areas. Note: CCTV cameras may need to be upgraded to a higher resolution to
support analytics software.
• License plate recognition systems to verify authorized vehicles for secure areas. This requires
coordination with authorities or agencies.
• Replacing fixed lens cameras with PTZ cameras or multi-imager cameras to facilitate an increase
to the potential field of vision provided by surveillance systems.
• Under vehicle screening devices used at checkpoints to thoroughly check a vehicle for explosive
materials.
Mitigation Assessment
Following a qualitative assessment of all the proposed measures to protect against the blast threats, the
following mitigations have been selected as potentially being able to be incorporated as part of the
holistic blast strategy. The extent of mitigations listed are for example purposes only, and mitigations
may vary depending on the risk assessment process and individual airport characteristics being
considered.
After further evaluation of the possible measures, the measures listed in Table B-3 have been identified
for moving forward with the framework process.
Table B-3. Individual VBIED Mitigation Measures Considered at the Example Airport
Mitigation Description
Vehicle Security Impact-rated vehicle security bollards installed 12 feet in front of the terminal facade.
Barriers
Vehicle Vehicle screening checkpoint with under vehicle screening technology. Inspections
Screening undertaken on a random basis.
Anti-shatter film installed on existing terminal facade. Provides improvement by reducing
Facade
glass fragments that enter the terminal building. Replacement of the facade was seen as
Enhancement
unfeasible in this specific example.
Additional taxi ranks provided to reduce the concentration of people along the roadway.
Crowd Reduction Ride-share pick-up locations spread over more terminal exit doors. General public pick-up
areas relocated to near bus zones.
An increase in the number of security personnel patrolling the roadway acting as a show of
Security Patrols
security presence and capable of detecting parked/suspicious vehicles.
Monitored CCTV with video analytics capable of picking up parked cars or suspicious
CCTV vehicles. License plate recognition linked with authorities capable of picking up suspect
vehicles.
Moving on to the scoring portion of Step 2, these mitigation measures have then been assessed against
metrics that achieve a security outcome. The scoring and metrics used in this example are summarized
in Table B-4. The list of security metrics and scoring was undertaken collaboratively with airport
stakeholders, airport management, and an external protective security professional. The scoring below is
for example purposes only, and may differ depending on individual airport characteristics and risk
profile.
Table B-4. Example Scoring of Mitigation Measures Against Proposed Security Metrics
Step 3 of the framework includes developing ROM cost estimates. For this step, a blast engineer was
consulted for a nominal fee to develop conceptual ideas of the mitigations and where they would be
located. The airport’s cost estimator was used to develop annual costs, annualized over 15 years using
Net Present Value. The engineer would be retained to do a more detailed design once the airport has
considered which measures should be pursued after completion of Step 4.
These mitigation measures, scores, and costs were inputted into the framework for evaluation of the
exterior drive-up area as it relates to the VBIED vulnerability. Figure B-3 shows the output from the
Excel-based tool for this case. The combinations within circles A, B, and C were independently selected
by the airport for evaluation, as they have the highest functional security score for a given financial cost
region.
Figure B-3. Output from the Excel-based Tool – Measure Combination Options
The airport’s assessment of the combinations within circles A, B, and C is summarized within Table
B-6.
Combination Groups
A When referenced back to the risk assessment, it was deemed that these were not adequate in reducing
risk to an acceptable level.
B These mitigations are to be considered for implementation and interrogated in more detail.
C Mitigation combinations are acceptable but expenditure is too high and not proportionate to risk.
The three measure combinations within circle B were further evaluated by reviewing the specific
measures in each combination along with their functional security scores and financial costs. A
summary of this assessment is shown in Table B-7. A summary of the breakdown of costs between
physical, operational, and technological was also investigated as shown in Figure B-4. The airport has
enough initial funding to make capital investments and would prefer this to longer-term operational
expenditures. Additionally, the airport is not comfortable with the first two options in terms of their
ability to meet their risk-reduction goals. Therefore, the last combination was chosen.
Functional Financial
Combination
Security Score Cost
Vehicle Security Barriers + Facade Enhancement and Vehicle Screening 200 $1,400,000
Vehicle Security Barriers + Vehicle Screening and Crowd Reduction 210 $1,500,000
Vehicle Security Barriers + Vehicle Screening and Crowd Reduction
240 $1,650,000
+ Facade Enhancement
Design Process
This section briefly describes the design process for implementing the prioritized security measures.
Shallow mounted bollards have been selected due to the presence of underground services beneath the
footpath outside the entrances to the airport. These foundations (depth less than 12 inches) can sit atop
these services.
Therefore, the airport has implemented shallow-mounted bollards with a condition designation of M40
P2 (ASTM F2656-15).
Vehicle Screening
Due to the heightened threat level, the airport has decided to implement a vehicle-vetting procedure to
better control access of vehicles to its roadways. Authorized taxis and buses are permitted to enter the
lane closest to the terminal, and public drop-off/pick-up has been pushed back to the second lane. Doing
so has generated a further 25 m of standoff and added a level of screening to drivers using the roads
closest to the terminal. Passengers are also now spread across a large number of vehicle pick-up
locations, reducing the number exposed to a specific blast event.
Furthermore, delivery vehicles are to be screened further down the loading dock access road to allow for
greater standoff distance. This has been combined with a procedure whereby deliveries require prior
authentication, and driver identity is verified at the screening point along with the vehicle registration.
Crowd Reduction
With the objective of reducing crowd density outside the arrivals and drop-off halls, public pick-up and
drop-off zones have been located away from the terminal near the bus shelters, reducing the total
number of people along the terminal roadway. Through collaboration with ride-share services, pick-up
locations have been spread over a number of airport doors, spreading arriving passengers across the
terminal building to disperse crowds.
Facade Enhancement
The installation of ASF to the monolithic glass pane of the airport terminal facade will assist in holding
glass fragments together upon fracture under blast loads. It is not expected that this measure will
maintain the building envelope or reduce the expected hazard level of the glazing under blast, but it will
provide a nominal benefit.
This measure is seen as temporary until such time the airport undergoes major redevelopment and
replaces its glazed terminal facade.
PBIEDs are a particularly challenging threat to mitigate against within non-secure areas. Given their
ease of concealment, these threats often go largely undetected until detonation. The focus of retrofit
items should therefore be:
Step 1 of the framework process has been completed during the risk assessment (see Table 5-8). Step 2
incorporates listing the measures that can be used to mitigate this risk at this particular airport.
Physical Measures
As with VBIED threats, there are several physical measures that have been implemented to protect
against PBIEDs.
• Adequate design and restraint of miscellaneous architectural components to reduce the effects of
fragmentation from a blast event
• The glazing treatments implemented to protect from VBIEDs provide additional protective
benefits in reducing the potential impact of PBIEDs detonated in close proximity to the terminal
facade
• Structural hardening of steel columns through concrete encasement to protect against progressive
collapse from a placed device
Operational Measures
Operational measures that could be considered to mitigate against a PBIED threat include:
• Increase in security patrols in front of house (FoH) areas to identify suspicious behavior and left
objects
• Patrolling activities enhanced by explosives detection canine patrols throughout the front of
house and drop-off/pick-up areas
• CCTV surveillance monitored 24/7 by operational staff within a control room
Technology
The airport has determined the following technology will be implemented to support the operational and
physical security elements:
• CCTV analytics to identify abandoned objects and to facilitate the tracking of suspicious persons
through the airport
• Controlled access (via an electronic access control system) to back of house (BoH) areas—
access to various BoH departments should be person-based rather than discipline-based—to
facilitate greater oversight and control of access to critical FoH areas
• Screening through the deployment of millimeter wave standoff explosive detection equipment at
terminal entrances
Mitigation Assessment
Following a qualitative assessment of all the proposed measures to protect against the blast threats, the
following mitigations have been selected as potentially being able to be incorporated as part of the
holistic blast strategy. The extent of mitigations listed are for example purposes only, and mitigations
may vary depending on the risk assessment process and individual airport characteristics being
considered.
Table B-8. Individual PBIED Mitigation Measures Considered at the Example Airport
Mitigation Description
Explosives Detection Canines trained in explosive detection deployed within the building terminal area to
Canines support security patrols
Additional staffed check-in lanes provided to reduce crowding within the security
Crowd Reduction
checkpoint
An increase in the number of security personnel patrolling the departure hall—some
Security Patrols
security staff are trained in behavioral detection
All miscellaneous glazing replaced with laminated glass and enhanced restraint to
Resilient Finishes
overhead equipment within the ceiling space
CCTV Monitored CCTV with video analytics capable of picking up unattended bags
The measure-scoring portion of Step 2 is shown in Table B-9, followed by the cost estimation for Step 3
of the framework process in Table B-10.
Table B-9. Example Scoring of Mitigation Measures Against Proposed Security Metrics
Annual Cost
Mitigation
(annualized over 15 years)
The outcome of using the Excel-based framework tool is shown in Figure B-8. The combinations within
circles A, B, C, and D were chosen, as they have the highest functional security scores for their
respective cost brackets.
The airport’s assessment of these four combinations is summarized within Table B-11. Combination B
was selected, as it provides an acceptable level of risk reduction within budget. The airport assessed that
they can achieve the budget required over the upcoming years for the operations costs required as
summarized in the expenditure breakdown of Figure B-9.
Table B-11. Assessment Summary of A, B, C, and D Mitigation Combinations
Combination Groups
When referenced back to the risk assessment, it was deemed that these were not adequate in reducing
A
risk to an acceptable level.
B This mitigation is to be considered for implementation and interrogated in more detail.
C Mitigation combination is acceptable but expenditure is too high and not proportionate to risk.
D Mitigation combination is acceptable but expenditure is too high and not proportionate to risk.
Security Patrols, Explosives Detection Canines, and Resilient Finishes 225 $2,750,000
Design Process
This section briefly describes the design process for implementing the prioritized security measures.
Security Patrols
Security patrols are an integral component when implementing a security strategy. They can serve as a
deterrent and respond to a security event as it unfolds. Security patrols have some detection capability,
but are most effective when deployed in combination with supporting measures such as canines and
CCTV technologies. The number of security personnel patrolling the airport can also be readily
increased in an increased threat environment.
Resilient Finishes
Miscellaneous architectural items and building services are not usually designed for blast loads, and
therefore are likely to add to the level of fragmentation in a blast event. It is generally not practical to
enhance these items to directly withstand the blast overpressures; however, practical enhancements to
these elements can significantly reduce the risk to personnel.
As part of the project, a structural and a facade engineer have been asked to incorporate the following
within their design:
• All glazing within the terminal building to be replaced (if required) with laminated glass
• All glazing to be silicone-fixed with a minimum bite length
• Fixing of all miscellaneous architectural items (including glazing) and building services to the
structure is to be designed for a force equal to two times the items’ weight in all directions.
Examples of details incorporating the above are shown within Figure B-10 below.
Figure B-10. Example Details to Improve Finishes Resilience against a PBIED
COST DATA
1. Basis of Pricing
The rough order of magnitude (ROM) estimate is a Class 5 according to Arup’s estimate classification
matrix (Level 5), which was developed from the Association for the Advancement of Cost Engineering
(AACE) best practices.
The accuracy range is a gauge of likely bid prices if the project were issued to tender at the current
stage. The accuracy range of this estimate has been determined to be between -25% and +50%.
This document is based on the measurement and pricing of quantities wherever information is provided,
and/or on reasonable assumptions for other works not covered in the drawings and programs as stated in
this document. The unit rates reflected herein have been obtained from experience with projects of this
nature.
3. Scope of Works
The scope of this cost estimate includes the following:
• Capital costs for different works, which will be applicable for locations within an airport
• Operational costs for different operational measures, which will be applicable for locations
within an airport
• Life cycle costs over a period of 20 years, including capital, maintenance, and replacement costs
4. Documentation
Documentation has been prepared by the project consultant, Arup, for developing this cost estimate:
PARAS 0014 Safe Skies Project, December 03, 2017.
6. Other Costs
• Capital Cost
− An allowance of 20% from direct cost is considered a general requirement, which covers
costs related to general staff wages and fringes, site conditions, and temporary power
− Allow a project reserve of 15% from the total direct cost due to the project's uncertainty
− Allow 10% from the total cost for the contractor's overhead and profit
− Allow 2.5% from the total cost for the contractor's bonds and insurance
• Operational Cost
− Allow a project reserve of 15% from the total operational cost due to the project's uncertainty
− Allow 10% from the total cost for the contractor's overhead and profit
7. Escalation
• An escalation allowance is excluded for the capital cost
• An escalation of 3.5% per year is consider for the 20-year life cycle cost projection
8. General Assumptions
• The values are in US dollars
• The values are from the fourth quarter of 2017
• Material costs are calculated from databases such as RS Means, similar project costs, and
vendors
• Labor rates, fringes, and taxes are calculated based on data from the US Department of Labor,
Bureau of Labor Statistics
• Material, labor, and equipment rates are considered from an average of medium-sized airport
cities
• The medium-sized airport cities considered for this exercise are: Oakland, San Jose, Pittsburgh,
New Orleans, Nashville, and Milwaukee
• The location factor for the different cities was obtained from the portal of RS Means
• The operational cost estimate is not a life cycle cost, meaning that there might be other costs
involved to operate an airport
• The total first year investment is defined as the sum of the capital and operational costs
• A 5% preliminary engineering cost is suggested as part of the total price; however, it is excluded
• The structural, civil, and architectural costs are provided by the sub-consultant BMK
Engineering
9. Working Assumptions
• Capital Cost
− The total unit cost is compounded by material, crew, and sub-contractor overhead and profit
− Crews are composed of labor and equipment, and are defined based on similar project costs
and the RS Means portal
− A 150-foot length of cabling is considered per camera, scanner, and other security equipment
as part of its installation
− A 15% allowance of the material and crew cost is considered as sub-contractor overhead and
profit
− The security devices include the material, labor, and equipment needed to operate as a whole
system
• Operational Cost
− The operational costs are calculated for a year of operations, which is equivalent to 365 days
Blast-Mitigation Strategies for Non-Secure Areas at Airports C-2
PARAS 0014 August 2018
Arup has no control over the cost of labor and materials, general contractor’s or any subcontractor’s
method of determining prices, or competitive bidding and market conditions. This opinion of probable
cost of construction is made on the basis of the experience, qualifications, and best judgment of the
professional consultant familiar with the construction industry. Arup cannot and does not guarantee that
proposals, bids, or actual construction costs will not vary from this or subsequent cost estimates.