The 10 Commandments of External Perimeter Security
by Terry McGhee

Solving a facility’s perimeter security problems can be a harrowing ordeal. Several factors can challenge even the most experienced security integrator. More and more emphasis has recently been given to exterior perimeter security so it is imperative to acquaint oneself with the basic ground rules before attempting to design such a system.

Experience has shown that most system designs lack a basic understanding of the inherent principles of sensor technology, which stems from installers not examining the real as opposed to perceived threats. This is further complicated by people not giving equal consideration to all four of the working parts of any security system: Detection, Delay, Assessment, and Response. The following “10 Commandments” of external perimeter security were created to provide straightforward guidelines for designing and installing an exterior Intrusion Detection System (IDS).

The 10 Commandments of External Perimeter Security

1. Give equal consideration to all aspects of exterior Intrusion Detection Systems: Detection, Delay Assessment and Response.

2. Know the real threat. What type of intruder are you trying to deter or capture?

3. Know the strengths and weaknesses of each sensor type and complement with additional types if necessary.

4. Follow sensor manufacturer guidelines. Misapplication can be a disaster.

5. Make sure sensor zone lengths do not exceed Assessment and Response capabilities.

6. Inspect the perimeter routinely. Include appropriate reporting and responsibility assignments.

7. Check the sensor line routinely with a walk test.

8. Conduct appropriate service and maintenance to both sensors and their mounting platforms. Include adequate battery backup and UPS.

9. Ensure that limited security budgets do not cause a poor installation (If something is worth doing, it is worth doing right.)

10. Provide routine system training for those who operate and respond to the system.

The Threat
The first step in designing an external perimeter security system is to perform a logical threat analysis. Real versus perceived threats must be evaluated with the understanding that no design is 100% perfect, and all systems will have some degree of successful penetration risk. It is equally important to study the typical intruder profile….is the intruder a juvenile vandal or a trained security electronics expert? These considerations will help minimize the risk within the customer’s budgetary and logistical constraints while maintaining a perimeter security system that has the highest probability of locating an intruder.

The Site
It is vital to evaluate the condition of the physical barriers like fences, walls, etc. A solid outer perimeter barrier is critical because it acts as an initial deterrent and protection against environmentally-caused nuisance alarms (wind-blown debris or stray animals). This barrier may also serve as a mounting platform so it should be compatible with your selected sensor. Keep in mind that this perimeter sensor area must be well illuminated, visible to the assessment and response personnel, and have access to power and be easy to maintain.

The Sensors
Today, sensors that are designed for outside use are generally reliable….if they are applied properly. The performance of all sensors can be measured by three standards:

1. Probability of Detection (Pd);
2. Nuisance Alarm Rate (NAR); and
3. Vulnerability to Defeat (Vd).

A viable sensor should rate favorably for all three criteria. “Nuisance” and “False” alarm are typically used synonymously, but should be differentiated when discussing sensor performance. Nuisance Alarm Rate refers to any unidentified environmentally-caused alarm or those alarm causes the sensor is designed for. False Alarm Rate (FAR) should be defined as that caused by a faulty component or circuit, such as a failed tamper switch. An acceptable False Alarm Rate is about one every two years. Solid state systems of today should all be “burned-in” during production. An acceptable Nuisance Alarm Rate should be around one per zone per week maximum.

Probability of Detection
As a manufacturer of sensors, we many times receive copies of bid solicitations where there is a requirement for a “Probability of Detection of 97.32%.” Probability of Detection must be qualified as it is a relative term, taking into consideration the method of intrusion, the sensor’s sensitivity setting, weather conditions, manufacturers’ specifications and more. Any sensor manufacturer can give you a 99.99% Probability of Detection under ideal conditions, but this does not address the other sensor performance characteristics of Nuisance Alarm Rate and Vulnerability to Defeat.

Nuisance Alarm Rate
Excluding a failure in an electronic component or another piece of sensor equipment, a Nuisance Alarm Rate is any alarm that is not caused by an intrusion. All sensors interact with their environment and cannot discriminate 100% between intrusions and other events in the detection field. This is why effective alarm assessment is mandatory. A Nuisance Alarm Rate of one nuisance alarm per detection zone per month is acceptable only if it is qualified by taking other environmental factors into consideration as mentioned above.

Vulnerability to Defeat
Sensor defeat consists of an intruder either bridging (bypassing) or spoofing the system. A strain-sensitive cable sensor mounted on a perimeter fence and dependent upon the intruder physically penetrating the fence can be simply defeated by bridging the fence. A well-schooled intrusion team can also defeat the sensor by defeating the assessment and response actions. Numerous, repeated alarms caused at various places along the perimeter over short periods of time, will usually frustrate assessment methodology and allow successful intrusion during periods
of confusion.

A sensor’s Vulnerability to Defeat weakness does not necessarily rule out its effectiveness, it also depends upon the degree of sophistication of the threat and the resulting loss risk. With a higher threat level and high break in loss risk, it is common to use multiple levels of complementary sensor types. A Complementary Sensor is one which will fill in for the Vulnerability to Defeat weakness of another and not be collocated. For example, a fence sensor may have a higher Vulnerability to Defeat from bridging, but if backed up by a large area volumetric microwave or buried active RF system, it is entirely acceptable.

Sensor Classification
Sensors are classified into five different types:

1. Passive or Active
2. Covert or Visible
3. Line of Sight or Terrain Following
4. Volumetric
5. Line Detection.

A Passive sensor is non-radiating and detects some type of radiant energy, or a change in a natural field caused by the movement of the target. Examples are passive infrared; seismic or magnetic; fence disturbance; sensor fences or video motion detection. One advantage is its difficulty of being intruder-identified. An Active sensor uses a radiated energy to create a detection field that is disturbed by the intruder. Examples would be microwave; active infrared and RF buried or surface-mounted. Active sensors offer more data for advanced signal processing and are more difficult
to defeat by spoofing.

There are two opposing views on the merits of either Covert or Visible sensors. Some think that the exposed sensor acts as a good intruder deterrent and allows for easier installation and maintenance. Others want an invisible sensor so as not to reveal the perimeter intrusion detection system. Most knowledgeable intruders will know some sort of sensor is present as the sensor area is often clearly visible. The much higher installation costs of covert sensors cause most customers to take another look at this philosophy.

Line of Sight sensors need an unobstructed view from origin of detection field to its termination. Examples would be bi-static and mono-static microwave, active and passive infrared. These sensors are easier to install and service, but usually require site preparation and the detection zone is also well defined to the observer. The Terrain Following sensor solves the problem of having to perform site civil works, but it still has high installation and maintenance costs. Examples would be buried sensors; sensor fences; fence-mounted sensors and RF electric field sensors. The more the sensor mounting platform goes up and down, twists and turns, the higher the sensor equipment and installation costs.

Volumetric sensors have a three-dimensional detection field or a wide area of detection to make system defeats more difficult. Examples include microwave, passive infrared, electric field, video motion and buried ported coax. These sensors offer the highest Probability of Detection, but require more real estate. Practically all higher-risk sites will use at least one volumetric sensor.

The Line Detection sensors detect along a finite line or point. Examples are fence-mounted, strain sensitive sensors and sensor fences. These sensors require less real estate and are much easier to defeat by bridging or bypassing since they often require physical contact. The sensor-mounting platform requires high maintenance for optimum performance.

The Future of Perimeter Intrusion Detection
Sensors today are rapidly becoming “smarter” through advanced digital signal processing. Reduced customer security budgets are creating a demand for more efficient Intrusion Detection sensors so companies have developed “Neural Network Processing”, a type of adaptive learning where the sensor actually establishes a library of acceptable and unacceptable signatures.

This newest form of “smart” sensors will employ the use of new and powerful microprocessors, which can be collocated within the sensor, allowing high speed processing of data that instantaneously adapts the sensors optimum performance to changes in the environment. Sensors can be in constant communication to compare exterior stimuli, so wind and rain-caused stimuli can be detected by many sensors and programmed to ignore an event that would otherwise cause a nuisance alarm.

Since these systems are computer software driven, site monitoring and troubleshooting can be done from remote locations through a modem. They also have the ability to locate an intrusion or nuisance alarm to within a few meters, thereby greatly improving alarm assessment and diagnostics.

Putting it all Together
The “10 Commandments” of external perimeter security should provide a basic framework for this topic. It is imperative to not only have the right equipment, but a proper implementation. Remember to ask the sensor manufacturer for customer references and performance specifications. Even the “best” sensor, if misapplied, will provide less then favorable results.

About the Author
Terry McGhee is the Special Projects Manager for Southwest Microwave, Inc., and has 30 years of experience in the security industry. He is a member of the American Society for Industrial Security. You can contact the author at 1-800-587-5995.