Designing physical security for complex infrastructures

This paper uses security-in-depth principles to provide practical guidance for the design of physical security in complex infrastructures. Working from the central tenet of security-in-depth, that the strength of security comes from the coherence of the entire security system rather than just the technical excellence of sub-systems, a practical framework is constructed for assessing the risk reduction of an infrastructure security design proposal. In this way, alternative proposals may be evaluated for their effects on the overall security risk to a system, taking into account a broad threat and hazard space. The approach includes explicit consideration of organizational factors and management structures, ensuring that the design is consistent with enterprise objectives as well as internal and external policy and legal constraints.