Arresting the Demons

The commonly used phrase, “the devil is in the details,” is adapted from a saying attributed to the American architect Mies van der Rohe. In its original incarnation, “God is in the details,” the phrase was used to refer to the intricacies that comprise a finished architectural work of art — it is in the execution of the details that the success of the whole will depend. But too often the details can prove to be the torment of the designer.

The systems engineer might repeat the motif, with less eloquence perhaps, as, “the challenge is in the interfaces.” The phrase doesn’t have the ring of the poet, but it does aptly describe the work required to assemble and integrate the security systems required for a busy Canadian border crossing.

The bane of the system designer’s life is coordination, and wherever access is implemented by the electronic control of doors, the designer has a coordination issue to deal with. The problem exists regardless of the venue, but with airports, courthouses, detention centres and border crossings, it is especially acute. A common element to these buildings is the stratification of the class of occupants and the need to provide easy circulation within each stratum but, at the same time, to prevent uncontrolled transit from one stratum to another.

The image of the onion, with nested layer on layer, is useful to illustrate how stratification or area zoning occurs within a secured building: the inner core is the most secure, the outer areas are public and the least secure.

Providing a secure entry system can be complex enough, but when the dual demands of detention and life-safety are superimposed as in a border crossing, the design issues become particularly complex.

Layers of complexity

A typical border crossing building accommodates four classes of occupant. First there is the border authority that owns the building and acts on behalf of governments. Second there are the Canada Border Service Agency officers. Third are travellers’ aids — non-profit organizations to help newcomers to Canada. Finally there is the travelling public.

The border authority has the right, and indeed the responsibility, to operate, maintain and protect the building. For that, they require full control of the security arrangements in and out of the various premises and the immediately surrounding areas.

It is the mandate of the border crossing authority to present all travelling persons to the customs officials for inspection before they can be admitted to the country. This kind of security is not achieved simply by constructing a fence or a wall, because day-to-day transactions such as the delivery of goods, access for emergency vehicles and exit for impounded vehicles, all require exit routes literally large enough to drive a bus through.

As well as having to be made difficult for the public to enter, the building provides areas with increasing levels of egress difficulty. These range from simple private interview areas into which the traveller is escorted by the officer through access control systems, escalating to fully secure detection cells. Staff have the right to a safe workplace, so vigilance is required and an elaborate camera network provides real time monitoring. The camera array must work in conjunction with the access control systems.

Suspicious individuals are interviewed in a setting that is designed to prevent them making a quick escape, yet the area must still allow them to be evacuated under control in the event of a fire or other emergency. The building codes must be complied with, but as with all buildings that accommodate federal employees and for which a municipal building permit will be sought, the provincial and national building codes must both be met.

Design strategies

A policy decision required early in the design process is how the owners and the occupants are to share their related but separate requirements of premises security. A border crossing cannot be treated as a simple landlord and tenant situation, so the premises and the respective parties benefit greatly if they can come to an early agreement that one party will be responsible for building security. With current technology in information management, partitions in the credentials database can be created by the owner but securely managed by the tenant, thereby providing each party with protection.

After the occupants and the architects are near to completing the “blocking and stacking” design of the building, the most important dialogue will be between the interior designer, the door hardware specialist and the security systems designer. This part of the work can be particularly problematic because the physical performance criteria of a zone portal can be fulfilled in numerous ways and the electrical designer prefers to know beforehand what door hardware will be installed so that the remaining design can be completed with as few variables as possible.

Electronic architecture

An appropriate electronic architecture for an access control system is based on a distribution of control modules for the electrical actuation or release of the hardware devices about the premises. In contrast, the management of data is easiest when centralized.

At any transition zone, typically a device — a pass card — is presented. But this is not always sufficient. A PIN, or bioidentity such as retina scan, finger print, iris scan, facial scan or body weight may be required. Numerous admittance criteria might apply, including the elapsed time since the person last attempted entry.

The person’s data, normally referred to as their “credentials,” are usually held on a server in a secret and secured location removed from the site. The distributed controllers continuously train as they process incoming data from the field devices, such as card readers, door-open switches and motion detectors. New credential information is obtained from the central site and is added to the local file, available for immediate use on the next occasion when the card is presented. As well as cutting down on network traffic, the use of local data caches reduces the dependence of the overall system on the credentials server.

When an urgent condition affecting the overall site is entered into the server, that information is “pushed” to the remote controllers and immediately informs them of the change in state. A “heartbeat” protocol between the controllers and the network informs the server and the controllers that the system is fully available — or not! And, when all else fails, the system will revert to a “secure on failure” condition, with mechanical keys as the backup.

So although it may be true that the “devil is in the details,” it is by careful attention that we can successfully arrest those demons that would see order displaced by chaos.

Peter Sharp is the senior telecommunications consultant at Giffels Associates in Toronto.