DE6.1, part of CIBSE’s Digital Engineering Series, is intended to assist those that commission, design, construct and operate built assets in understanding the implications of security on building services design. These implications may revolve around national security, commercial security or private security. Each will have individual requirements, and this publication looks to provoke thought in this regard. The solutions will be a matter for each individual organisation, company or person to ascertain.
A webinar on this topic was held in April 2019 - to view the webinar, click here:
This guidance considers the risks and threats associated with security, and examines these in the context of building services design and how those considerations should change our approach to basic design considerations; it also identifies the need for dedicated security experts to review and feed into each design.
Building services are increasingly part of the connected world, and this presents outside actors with opportunities to interfere with these services for myriad reasons. Such interference can have commercial or functional implications, and can affect the safety of a built asset; but most of this interference can be avoided by implementing simple changes in design philosophy.
Buildings form an increasingly important part of our national infrastructure as their internal systems become ‘smart’ and connected. They are becoming correspondingly more vulnerable to attack by virtue of their increasing profile and accessibility.
This publication will give readers an understanding of how to carry out a basic risk/ threat assessment, and to understand their own limitations — and thus, help readers to decide when to seek expert help to ensure that building services designs do not cause undue weaknesses to be designed into these vital systems.
We have also provided templates that should help with organise Model Review Meetings, which are available here:
Contents of DE6.1:
- Terms and definitions
- Context Analysis
- Risk Analysis
- Stage one: Setting the case for security
- Stage two: Assess security requirements
- Stage three: Understand the design
- Stage four: Cause and effect
- Risk Appetite
- Basic wins
- Complex solutions
Andrew Krebs - Hoare Lea LLP
Hugh Boyes - Bodvoc Ltd
Carl Collins - Consultant to CIBSE
John Taylor - Hoare Lea LLP
Matt Crunden - Legrand Electric Ltd
Miguel Castro - Schindler Ltd
Gavin Dunstan - SES Engineering Services