Physical Security System Sensitivity to DBT Perturbations

This thesis examines how perturbing selected adversary capabilities in a design basis threat (DBT) may affect the assessment of a facility's security system performance. We found that using a strictly defined DBT to design and analytically test facility security systems can lead to invalid assessments that security measures are meeting standards. Design Basis Threats are intended to represent the most severe yet realistic attack a facility might face. However, the static nature of the standard DBT makes it unable to test the performance of a facility security system in the case where a specialized adversary may possess different capabilities than defined in the DBT. Our analysis of security system performance for various modeled facilities revealed significant vulnerabilities to certain perturbations of adversary capabilities. These vulnerabilities went undetected when the original strictly defined graded DBT was used in the assessment procedure. By maximizing one adversary capability at the expense of others, a specialized adversary force was able to efficiently defeat each facility.

To address this problem, we proposed employing a so-called "point-based" DBT as an alternative to the existing strictly defined DBT. In a point-based DBT, multiple scenarios are assessed that test different sets of adversary capabilities to better uncover and understand any security system vulnerabilities that may exist. We believe the benefit of identifying these site-specific security vulnerabilities will outweigh the additional cost of generating a point-based DBT, especially if the vulnerabilities are identified during the initial design of the security system.