Security Doorsets Security is a wide ranging subject and the meaning of the term ‘security doorset’ is primarily in the mind of the person using the term related to their own particular needs and objectives. A ‘security doorset’ may be required to prevent the escape of prisoners or perhaps dangerously mentally ill patients where the ‘security’ element might mean consideration of removable parts that might be used as a weapon or other features related to the risk of self harming. In the case of mentally ill patients consideration must also be given to the security of staff in the event of a need to vacate a building (say) in the event of a fire with minimal risk to both patients and staff. In other cases the term ‘security doorset’ will apply to doorsets that are intended to prevent access to a building or part of a building for the purpose of protecting persons and property. Additionally, the term ‘security doorset’ might be used in connection with doorsets that are tested for bullet resistance or blast resistance by reference to test and performance standards not considered in this document. In this document, we are only concerned with ‘security doorsets’ that are intended to deny access through a doorway, i.e. security by way of access prevention. The primary purpose of any doorset is to provide a means for ‘traffic’ to pass from one side of a wall to the other. Other performances e.g. fire resistance, sound attenuation, security etc. may be considered as secondary performances. Secondary performances can generally only be achieved when the door is in the closed position. In the case of access prevention there is an immediate conflict between the primary performance requirement and a need for an essential secondary performance. Some client organisations have designed and developed their own security doorsets, and have tested the constructions using test methods that reflect their particular needs. This method generally applies to Government organisations such as the Ministry of Defence in respect of military establishments. The ‘need to know’ element is particularly important in relation to security and in these cases a manufacturer might simply be given drawings showing the essential manufacturing details to be satisfied. The manufacturer may not know what particular level or class of performance might be achieved or how the doorset design might have been tested. The manufacturer would generally have no liabilities with regard to the subsequent performance of the doorsets except in so far as the manufactured product complies with the client designs. Similar considerations might apply to other client organisations e.g. some banks and financial institutions may have designs developed in consultation with security advisors that may be manufactured and tested under the same circumstances. The design and testing of these products may be influenced by insurance considerations and are usually associated with wider security provisions. Generally security doorsets will fall into two basic categories:1/ Doorsets intended to be resistant against opportunist (non professional) attack.2/ Doorsets intended to be resistant against professional attack. In the United Kingdom we tend to describe doorsets in the second category as being ‘burglar resistant’ while the first category is generally referred to as ‘forced entry’ resistant. However, proposed European standards use the term ‘burglar resistant’ to cover all categories. Opportunist attack is defined as being an attack normally associated with the casual or opportunist intruder. These attacks result where an opportunity presents itself with no particular regard to the likely success that a breach of the security might bring. The anticipated level of force is not excessive and the tools used to gain entry are more likely to include common hand tools and levers. It is further anticipated that the ‘villains’ involved in such attacks are likely to avoid noise and unnecessary risk and that a limited time will be spent in attempting entry. A professional attack is defined as being an attack by a more experienced professional burglar with a more focused aim and with knowledge of the likely reward that a breach of the security might bring. The professional attack is generally planned with some knowledge of the security elements that may need to be defeated. Organised crime syndicates may be involved. Noise and time issues may be of lesser concern and the tools used to breach the security may include power tools. The basic categories are further sub divided to reflect a level of risk. The ‘security’ ratings currently used in the United Kingdom are published by reference to www.securedbydesign.com – ‘Guide to Security Standards for Doors and Windows’. The grading is related to test methods that include static, dynamic and manual test methods. The static and dynamic tests are repeatable and are carried out using calibrated laboratory equipment. The manual tests are, as the name suggests, carried out by persons using a range of tools for specified periods of time according to the particular target grade. To provide for CE marking, European Standards prEN1627 ~ 1630 have been published. The proposed European Standards follow the same principles as defined by reference to the LPS1175 range of tests with six grades of performance defined by reference to Table C.1 of prEN 1627 : 2006. The ‘Secured by Design’ programme makes reference to PAS24. This is identified as a ‘Low Risk’ performance designed - to resist an opportunist attack. PAS24 test details are published by British Standards and are in effect a ‘client specification’ by reference to Local Authorities planning requirements, to provide for a level of security for single leaf entrance doors for residential buildings. The PAS24 test is supported by ACPO (Association of Chief Police Officers) as part of the Secure by Design initiative. In terms of grading, the performance falls somewhere between LPS1175SR1 and LPS1175SR2 and is between Classes 1 and 2 by reference to the proposed European standards. Since its introduction, there have been about five amendments to the PAS24 test. This does not necessarily reflect a deficiency in the test methods employed but rather a feature that is perhaps unique to doorsets required to provide for a security performance. The ‘villain’ constantly finds new and innovative methods for breaching security and PAS24 needs to be constantly amended to react to new threats. As it is, it may be some months and perhaps longer before the test method can be adequately amended to meet a new threat, in the meantime doorsets tested to previous versions of the standard remain vulnerable to the new method of attack. When considering European standards, the methods for seeking amendment to an established standard requires the involvement of a lengthy and bureaucratic process that is currently far too slow a process to provide for the rapid reactions necessary to address problems of this nature. There is also an obligation upon governments in particular to accept CE marking as evidence of satisfaction of performance requirements. This consideration forms part of the UK objection to the introduction of the EN1627 ~ 1630 standards. The causes for concern with regard to the introduction of EN1627 ~ 1630 relate primarily to the manual intervention tests i.e. EN1630:• To have credibility as a CE marked product, it should be possible to repeat a test result in any laboratory that is approved for such testing within the tolerance limits applicable to the test. It is unclear how the physical characteristics and / or the state of mind of the attacker could be controlled to provide for such a uniformity of result.• For EN1627 Grades 1 ~ 3, the objective is to resist a casual or opportunist attack. Laboratory staff carrying out such attacks are likely to learn how to breach the security of a particular design as a consequence of testing experience. It is unclear as to what point an attack that is intended to represent an ‘opportunist’ attack effectively becomes a ‘professional’ attack as a consequence of the learning experience, or how such considerations could reasonably be addressed. The considerations identified above also apply to PAS24 and other tests that include a manual intervention element. However, it is suggested that it is easier to address such concerns on a local (national) basis rather than by recourse to the lengthy and bureaucratic processes necessary to address such issues in respect of European standards. A further concern with regard to the European standards in general, and to EN1627 in particular, is the extent to which extraordinary and seemingly unnecessary powers are being provided to the testing laboratories following the introduction of the CPD (Construction Products Directive). This is illustrated by reference to Annex D of EN1627 and in particular the first line of Annex D.3 which requires an ‘expert statement written by the testing laboratory’ in respect of modifications to a tested product. It is suggested that the role of the testing laboratories is to competently test products to the standards required by the sponsor. It is not necessary for the test laboratory to have detailed knowledge of constructions or how a particular result was achieved. Any unnecessary publication of information related to security products in particular (perhaps even the publication of test methods) is, in itself, a breach of security. It is likely that the best person to determine what might or might not be a suitable variant to a tested product is the designer of a successful product. There are two basic forms of attack that may be anticipated in respect of security doorsets:1/ Brute force physical attack2/ Manipulative attack. All too frequently we see on our televisions police raids being carried out in connection with drugs or for other reasons. Speed and surprise are an important element in connection with such raids and the form of attack usually employs brute force using a steel battering ram carefully aimed at a known vulnerable part of a doorset. This method of entry is an example of the ‘brute force’ or physical attack. Anyone who has ever lost their house keys may have needed to contact a locksmith to assist with entry. Those who have experienced such misfortune may identify with the scenario that the time for attendance in such an emergency often seems excessive but, that entry is gained often within seconds of the locksmith’s arrival usually at a considerable cost in consideration of the skill and knowledge that was applied rather than, for the time of the attendance. The method of entry is generally guarded but is usually achieved by the use of manipulative methods. Elements that can influence security in connection with doorsets are many and various. The testing of security doors relates to the complete doorset as installed, rather than individual components. Considerations related to security doorsets might include: Perception: An opportunist attack will generally be concentrated on perceived weaknesses identified by way of visible examination. If a door looks solid and secure then that in itself may act as a deterrent.