Download PDF version Contact company

There is a saying that ‘Everything is Bigger in Texas,’ and the Dallas police department fits the bill. The Dallas Police Department is the ninth-largest municipal police force in the U.S., with 3,099 sworn officers and 598 non-sworn staff. It is led by Chief of Police Edgardo (‘Eddie’) Garcia.

In the last several years, the Jack Evans Police Headquarters building (named after the 53rd mayor of Dallas) has been upgrading its physical security using a layered approach to ensure the safety of officers and visitors 24/7. The most recent addition is a brand-new fence line fortified with vehicle gates and Boon Edam Turnlock full height turnstiles to control pedestrian access into secured parking areas.

Isolating potential hazards

The Jack Evans Police Headquarters building was built in 2003. The six-floor facility has 358,000 square feet and is spread over a three-acre site, with a separate 1,200 car parking garage and a two-acre, open parking lot for additional police and visitor parking.

In an average month, there are 5,000 public visitors to the Jack Evans building

The Headquarters building was under construction when 9/11 terrorists flew airplanes into the World Trade Buildings in New York. Therefore, security was a concern in its original design. Police officials worked with a Police Design Consultant – McClaren, Wilson, and Lawrie Architects of Phoenix, AZ – to help design the building to resist a terrorist attack and isolate potential hazards. The building also needed to control visitor traffic and access. In an average month, there are 5,000 public visitors to the Jack Evans building.

Conducting security assessment

After midnight on June 13, 2015, a 35-year-old male placed a duffle bag with a remote-controlled bomb to detonate later between cars in the parking lot of the headquarters building. The suspect then began shooting continuously at the lobby windows with a rifle. Officers responded to the scene, a vehicle chase began, and the incident ended outside the city. Fortunately, officers in the lobby took cover and were not injured.

Following that incident, the Dallas Police Department conducted a security assessment of the building, and also at seven patrol stations throughout the city. The assessment included testing various construction materials for bullet resistance to various types of weapons. Gensler Architects and Guidepost Solutions, LLC developed the solutions and plans. Paul M. Schuster, Senior Corporal/Facilities Management, was responsible for managing the implementation of the security upgrades.

Present outright attack

The police officers and staff only want a place that is safe and where they can do their good work"

The police tend to be a symbol of government and some citizens see that as a visible target to lash out at,” says Schuster. Police officers are trained to expect the routine types of calls, such as domestic violence, traffic accidents, and other crimes.

Yet they must be flexible to anticipate the non-routine that can be dangerous and change in a heartbeat. Yesterday we were concerned about handguns, today we are worried about rifles, and the idea of terrorism is always present with outright attacks or bombs. The police officers and staff only want a place that is safe and where they can do their good work.”

Public records service

Layer 1 – Upgrading the Building’s Lobby Security with Detection and Prevention - In 2016, funding of $1.3 million was approved to upgrade the lobbies of the seven patrol stations to withstand rifle rounds, and $1.9 million to improve headquarters lobby security, and to upgrade an aging security system.

In 2016, funding of $1.3 million was approved to upgrade the lobbies of the seven patrol stations

Turner Construction Company and Convergint Technologies, LLC conducted the renovations and security technology integration. The headquarters’ lobby was initially built as a two-story glass-walled structure, with an information desk and public records service windows. Visitors could freely enter the lobby and were only screened in an open area to the side if going to the upper floors.

Upgrading lobby security

The challenge in upgrading lobby security was the two-story lobby entrance glass. The glass was not bullet rated, due to budget constraints. Changing the front of the building to support ballistic rifle-rated glass would have caused extensive time, exposed the inside of the lobby to weather, and would not have solved all of the security issues. In addition, there were concerns about keeping an ‘open’ and friendly service concept in mind and ensuring that the lobby would not resemble a ‘fortress’,” Schuster said.

The solution was to retain the original, two-story glass exterior but add a layer of security inside once a person enters the lobby – a new separate security screening room. A new interior wall with bullet-rated glass and solid bullet-resistant wall materials was constructed inside the lobby to channel visitors to the room.

Security revolving door

The door will reject both users and they must request permission from the guard

Now, all visitors must pass through a metal detector and have their belongings x-rayed prior to entering the original lobby. The room itself also has bullet resistant walls to enable containment of any violent disruption or shooting inside.  

Once a visitor has been cleared, they exit the screening room into the main lobby via a Boon Edam Tourlock 180 security revolving door which is set to allow only one-way traffic into the lobby. The Tourlock is the most advanced security revolving door in the Boon Edam product range for its ability to prevent tailgating by unauthorised users. If more than one person tries to enter a compartment, the door will reject both users and they must request permission from the guard to pass through again, one at a time.

Overhead police helicopter

At the end of their visit, visitors will exit the building via the lobby through a separate Boon Edam Tourlock 180 that leads into the front vestibule where they first entered the building. The Tourlock is set to allow public visitors to exit only and will reject attempts at re-entry.

The first layer of security was completed inside the Headquarters building

However, any police officer or staff can present a credential and use the door to enter the lobby with a valid credential. In this manner, the first layer of security was completed inside the Headquarters building, while keeping the best aspects of the lobby design, including the antique police car, and the overhead police helicopter.

Western access points

Layer 2 – Upgrading the Headquarters’ Perimeter Security with Protection and Deterrence - In 2021, the Headquarters building implemented its next, planned security layer to deter crime and violence in the outer ten acres of the property complex, which consists of the three-acre building site, a two-acre, open parking lot, a five-acre garage and an access street between those. This phase was financed by a $1.2 million bond in 2017.

Surrounding the north, south and western access points around the facility is a brand new, Impasse II heavy-duty steel palisade fence by Ameristar in a black powder coat finish. The fence is comprised of individual steel pales secured vertically to a framework of specially formed rails and I-beam posts. The pales bend outward at the top to deter climb-over attempts by intruders.

Pedestrian entry option

Close by is a Public Transit Light Rail station which some officers use to and from work

At the north and south entrances located on an access road behind the Headquarters building, HySecurity and Lift Master motorised gates are positioned to allow only authorised police officers and staff to access the exterior secure areas by car. Adjacent to each of these vehicle gates are Boon Edam Turnlock 100 full height turnstiles to allow pedestrian police officers to enter the parking area and walk into the headquarters building.

Close by is a Public Transit Light Rail station which some officers use to and from work; and some officers choose to park their personal vehicles outside the secure area; therefore, the Turnlock 100’s provide a discrete, pedestrian entry option that safeguards users who otherwise might walk through the vehicle gates and risk injury or allow unauthorised vehicles to enter.

Outdoor weather conditions

The Turnlock 100 turnstiles were selected for their ability to stop tailgating and also for their rugged construction that can withstand outdoor weather conditions. Their full height structure deters climb over attempts and a black powder coat finish was selected to match the adjacent fencing perfectly.

The Turnlock 100 turnstiles were selected for their ability to stop tailgating

On the west side of the property, adjacent to the quartermaster’s building, is a public parking lot for visitors. Another Impasse II fence separates this parking lot from a staff-only, side entrance into the Jack Evans headquarters building. The fence forces all public visitors to walk on the sidewalk to the front of the building to enter via the main entrance and screening room.

Police fleet parking

However, any police officers that are walking across the lot from the quartermaster’s building can use their badge to access the staff-only, side entrance to the Headquarters building by entering through a third, Boon Edam Turnlock 100 turnstile.

The exterior fencing around police fleet parking and the Headquarters building improves the safety of officers, staff and the building itself by keeping potential threats out at a distance. Police facilities, and particularly police headquarters, are subject to incidents ranging from ‘random’ violence on individual officers to large protests related to local or national incidents. “While usually peaceful, we have noticed that as the groups disband or move to other protest sites, groups of individuals will test site security by pulling on exterior entrances to see if they can gain access and potentially be disruptive to operations,” stated Schuster.

Police facility design

Separation of the public from the movement of prisoners is at the core of good police facility design

A concern is if one person can open the entry, others will follow and outnumber responding officers. The one-at-a-time access granted by the Turnlock 100 turnstile allows police to better control and separate individuals that might be disruptive or who might follow officers accessing the secure area.”

Police facilities are usually designed to provide enclosed areas to move arrested persons from vehicles to holding or processing-controlled environments. If these staging areas are overflowing, officers may park their vehicles in the fleet area and walk the prisoner into the building. Separation of the public from the movement of prisoners is at the core of good police facility design.

Open parking lots

There have also been incidents nationally, where officers are beginning their shift and walk to their patrol vehicles to secure their work gear and are attacked by pedestrians walking through open parking lots. If you think of patrol vehicles as ‘mobile offices’, it is easy to see that officers can become distracted as they begin their shifts and not always aware of their surroundings until they leave the property. Securing these fleet areas should be the practice everywhere,” says Schuster.

These areas are often directly adjacent to the building and are therefore a concern because of threats

Every facility must also contend with deliveries, and medium to large facilities usually have loading docks and trash recycling. These areas are often directly adjacent to the building and are therefore a concern because of threats such as vehicle bombs or incendiary items in trash dumpsters; for the police headquarters it made sense to secure these areas from public access.

Physical security plan

Securing the private access road to the Jack Evans Police Headquarters has always been a desire, and now the addition of the steel fencing, the vehicle gates and Boon Edam turnstiles has created a barrier of safety that protects all of our people and assets to the very edges of our property,” states Schuster.

This new deterrence layer makes our officers and staff feel safer and it protects our fleet of vehicles and the back sides of the building from random attacks, bombings or shootings. We are very glad to have this second phase of our long-term physical security plan completed.”

Download PDF version Download PDF version

In case you missed it

Sensor data fusion for more reliable intrusion alarm systems
Sensor data fusion for more reliable intrusion alarm systems

Intrusion alarm systems are currently facing a growing number of potential error sources in the environment. At the same time, alarm systems must comply with increasingly demanding legal requirements for sensors and motion detectors. As a future-proof solution, detectors equipped with Sensor Data Fusion technology raise the level of security while reducing the risk of cost- and time-intensive false alarms. This article provides a comprehensive overview of Sensor Data Fusion technology. Anti-masking alarms A cultural heritage museum in the South of Germany for decades, the installed intrusion alarm system has provided reliable protection on the premises. But suddenly, the detectors trigger false alarms every night after the museum closes. The system integrators are puzzled and conduct extensive tests of the entire system. When they finally identify the culprit, it’s unexpected: As it turns out, the recently installed LED lighting system in the museum’s exhibition spaces radiates at a wavelength that triggers anti-masking alarms in the detectors. Not an easy fix situation, since a new lighting system would prove far too costly. Ultimately, the integrators need to perform extensive detector firmware updates and switch to different sensor architecture to eliminate the error source.  This scenario is by no means an isolated incident, but part of a growing trend. Need for reliable detector technology Legal requirements for anti-masking technology are becoming stringent in response to tactics by criminals The number of potential triggers for erroneous alarms in the environment is on the rise. From the perspective of system operators and integrators, it’s a concerning development because every false alarm lowers the credibility of an intrusion alarm system. Not to mention steep costs: Every false call to the authorities comes with a price +$200 tag.   Aside from error sources in the environment, legal requirements for anti-masking technology are becoming more stringent in response to ever more resourceful tactics employed by criminals to sidestep detectors. What’s more, today’s detectors need to be fortified against service outages and provide reliable, around-the-clock operability to catch intruders in a timely and reliable fashion. Sensor Data Fusion Technology In light of these demands, one particular approach has emerged as a future-proof solution over the past few years: Sensor Data Fusion technology, the combination of several types of sensors within one detector – designed to cross-check and verify alarm sources via intelligent algorithms – holds the keys to minimising false alarms and responding appropriately to actual alarm events. This generation of detectors combines passive infrared (PIR) and microwave Doppler radar capabilities with artificial intelligence (AI) to eliminate false alarm sources without sacrificing catch performance. Motion detectors equipped with Sensor Data Fusion technology present a fail-proof solution for building security “It’s not about packing as many sensors as possible into a detector. But it’s about including the most relevant sensors with checks and balances through an intelligent algorithm that verifies the data for a highly reliable level of security. The result is the highest-possible catch performance at the minimum risk for erroneous alarms,” said Michael Reimer, Senior Product Manager at Bosch Security Systems. Motion detectors with sensor data fusion Looking ahead into the future, motion detectors equipped with Sensor Data Fusion technology not only present a fail-proof solution for building security. The comprehensive data collected by these sensors also unlock value beyond security: Constant real-time information on temperature and humidity can be used by intelligent systems and devices in building automation. Integrated into building management systems, the sensors provide efficiency improvements and lowering energy costs Integrated into building management systems, the sensors provide the foundation for efficiency improvements and lowering energy costs in HVAC systems. Companies such as Bosch support these network synergies by constantly developing and optimising intelligent sensors. On that note, installers must be familiar with the latest generation of sensor technology to upgrade their systems accordingly, starting with a comprehensive overview of error sources in the environment. Prominent false alarm triggers in intrusion alarm systems The following factors emerge as frequent triggers of false alarms in conventional detectors: Strong temperature fluctuations can be interpreted by sensors as indicators of a person inside the building. Triggers range from floor heating sources to strong sunlight. In this context, room temperatures above 86°F (30°C) have proven particularly problematic. Dust contamination of optical detectors lowers the detection performance while raising susceptibility to false alarms. Draft air from air conditioning systems or open windows can trigger motion sensors, especially when curtains, plants, or signage attached to the ceilings (e.g. in grocery stores) are put in motion. Strong light exposure directly on the sensor surface, e.g. caused by headlights from passing vehicles, floodlights, reflected or direct sunlight – all of which sensors may interpret as a flashlight from an intruder. Extensive bandwidth frequencies in Wi-Fi routers can potentially confuse sensors. Only a few years ago, wireless routers operated on a bandwidth of around 2.7GHz while today’s devices often exceed 5GHz, thereby catching older detectors off guard. LED lights radiating at frequencies beyond the spectrum of visible light may trigger sensors with their infrared signals. Regarding the last two points, it’s important to note that legislation provides clear guidelines for the maximum frequency spectrum maintained by Wi-Fi routers and LED lighting. Long-term security But the influx of cheap and illegal products in both product groups – products that do not meet the guidelines – continues to pose problems when installed near conventional detectors. For this reason, Sensor Data Fusion technology provides a reliable solution by verifying alarms with data from several types of sensors within a single detector. Beyond providing immunity from false alarm triggers, the new generation of sensors also needs to comply with the current legislature. These guidelines include the latest EN50131-grade 3, and German VdS class C standards with clear requirements regarding anti-masking technology for detecting sabotage attempts. This is exactly where Sensor Data Fusion technology provides long-term security. Evolution of intrusion detector technology Initially, motion detectors designed for intrusion alarm systems were merely equipped with a single type of sensor; namely passive infrared technology (PIR). Upon their introduction, these sensors raised the overall level of building security tremendously in automated security systems. But over time, these sensors proved limited in their catch performance. As a result, manufacturers began implementing microwave Doppler radar capabilities to cover additional sources of intrusion alarms. First step detection technology In Bosch sensors, engineers added First Step detection to trigger instant alarms upon persons entering a room Over the next few years, sensors were also equipped with sensors detecting visible light to catch flashlights used by burglars, as well as temperature sensors. In Bosch sensors, engineers added proprietary technologies such as First Step detection to trigger instant alarms upon persons entering a room. But experience in the field soon proved, especially due to error sources such as rats and other animals, that comprehensive intrusion detection demands a synergetic approach: A combination of sensors aligned to cross-check one another for a proactive response to incoming signals. At the same time, the aforementioned bandwidth expansion in Wi-Fi routers and LED lighting systems required detectors to implement the latest circuit technology to avoid serving as ‘antennas’ for undesired signals. Sensor data fusion approach At its very core, Sensor Data Fusion technology relies on the centralised collection of all data captured by the variety of different sensors included in a single detector. These data streams are directed to a microprocessor capable of analysing the signals in real-time via a complex algorithm. This algorithm is the key to Sensor Data Fusion. It enables the detector to balance active sensors and adjust sensitivities as needed, to make truly intelligent decisions regarding whether or not the data indicates a valid alarm condition – and if so, trigger an alarm. Advanced verification mechanisms The current generation of Sensor Data Fusion detectors, for instance from Bosch, feature advanced verification mechanisms, including Microwave Noise Adaptive Processing to easily differentiate humans from false alarm sources (e.g. ceiling fans or hanging signs). For increased reliability, signals from PIR and microwave Doppler radar are compared to determine whether an actual alarm event is taking place. Additionally, the optical chamber is sealed to prevent drafts and insects from affecting the detector, while the detector is programmed for pet and small animal immunity. Sensor cross-verification Further types of sensors embedded in current and future generations of Sensor Data Fusion detectors include MEM-sensors as well as vibration sensors and accelerometers. Ultimately, it’s important to keep in mind that the cross-verification between sensors serves to increase false alarm immunity without sacrificing the catch performance of actual intruders. It merely serves to cover various indicators of intrusion. Protecting UNESCO World Cultural Heritage in China Intelligent detectors equipped with Sensor Data Fusion are protecting historic cultural artifacts in China from theft and damage. At the UNESCO-protected Terracotta Warriors Museum site, one hundred TriTech motion detectors from Bosch with PIR and microwave Doppler radar technology safeguard the invaluable treasures against intruders. To provide comprehensive protection amid the specific demands of the museum site, the detectors have been installed on walls and ceilings to safeguard the 16,300-square-meter museum site. To ensure an optimal visitor experience without interference from glass walls and other barriers, many detectors are mounted at a height of 4.5 meters (15 feet) above ground under the ceiling. Despite their height, the detectors provide accurate data around the clock while exceeding the performance limits of conventional motion detectors, which clock out at a mere 2 meters (6 feet) catchment area. Integrated video systems The site also presents additional error sources such as large amounts of dust that can contaminate the sensors, as well as visitors accidentally dropping their cameras or mobile phones next to museum exhibits. To distinguish these events from actual criminal activity, the intrusion alarm system is integrated with the museum’s video security system. This allows for verifying alarm triggers with real-time video footage at a fast pace: In the case of an actual alarm event, the system alerts the on-site security personnel in the control room in less than two seconds. Added value beyond security Sensor Data Fusion technology provides a viable solution for the rising number of error sources in the environment As of today, Sensor Data Fusion technology already provides a viable solution for the rising number of error sources in the environment while providing legally compliant building security against intruders. In light of future developments, operators can leverage significant added value from upgrading existing systems – possibly without fundamentally replacing current system architecture – to the new detector standard. Added value how? On one hand, the detectors can integrate with access control, video security, voice alarm, and analytics for a heightened level of security. These synergetic effects are especially pronounced on end-to-end platforms like the Bosch Building Management system. On the other hand, the data streams from intelligent detectors also supply actionable intelligence to building automation systems, for instance as the basis for efficiency improvements and lowering energy consumption in HVAC systems. New backward-compatible detectors Bosch will release a new series of commercial detectors by end of 2021, based on the latest research on risk factors for false alarm sources in the environment and line with current legislation and safety standards. Throughout these developments, installers can rest assured that all new detectors are fully backward compatible and work with existing networking/architecture. With that said, Sensor Data Fusion technology emerges as the key to more secure intrusion alarm systems today and in the future. TriTech detectors from Bosch For reliable, fail-proof alarms the current series of TriTech detectors from Bosch relies on a combination of different sensor data streams, evaluated by an integrated algorithm. These Sensor Data Fusion detectors from Bosch combine up to five different sensors in a single unit, including: Long-range passive infrared (PIR) sensor Short-range PIR sensor Microwave sensor White light sensor Temperature sensor Equipped with these sensors, TriTech detectors are capable of detecting the most frequent sources of false alarms; from headlights on passing cars to a mouse passing across the room at a 4.5-meter distance to the detector. What’s more, TriTech detectors provide reliable performance at room temperatures above 86°F (30°C) while fully guarding against actual intrusion and sabotage attempts from criminals.

Get the most from investments in building security
Get the most from investments in building security

From analogue to digital, from stand-alone to interlinked, building systems are in a state of transition. Moreover, the rate of change shows no sign of slowing, which can make it difficult to keep up to date with all the latest developments. If asked to pinpoint the single biggest driver of this revolution, one could point out the growing clamour for platform convergence. A security guard in a building doesn’t want to use different systems to check video cameras, fire alarms or if someone has entered a restricted area: – it simply isn’t efficient. For similar reasons, a building manager wants a single interface to control heating and lighting to match fluctuating occupancy levels, particularly in a hybrid working model. Applying the digital glue The demand from end-users for system convergence is growing, but to achieve full interoperability you still need to apply some ‘digital glue’ and that requires expertise. Yet bringing together disparate systems from different manufacturers can be problematic. Just as you get things to work, someone upgrades their solution and your carefully implemented convergence can start to come unstuck. Managing an implementation can quickly become more complicated, today’s quick-fix can become tomorrow’s headache This is one of the principal issues with all types of new technology; not everyone will choose the same path to reach the desired goal – it’s the old VHS/Betamax argument updated for building management and security systems. Managing and maintaining an implementation can quickly become more complicated than it first appears and without proper oversight, today’s quick-fix can become tomorrow’s technical headache. Effective support for a hybrid workforce Today’s hybrid workforce is a response to the pandemic that looks set to become an established part of working life for many companies across the world. Security systems have a massive role to play in facilitating this transformation that goes beyond simple intrusion detection, access control, and video monitoring. They can identify the most densely populated areas in a building to comply with social distancing guidelines and provide efficient use of space. The insights gathered from a security system can also be used to identify patterns of behaviour, which can then be used for planning and directing the use of building space to help create the best possible working environment while also minimising heating, lighting, and air conditioning expenditures. Identity credentials can help manage compliance with industry regulations by limiting access to certain areas Similarly, identity credentials – either biometric or mobile-based – can help manage compliance to industry regulations by limiting access to certain areas only to approved employees. Creating and maintaining the appropriate level of functionality requires a combination of innovative solutions and industry experience. The complete security package It’s not just physical security that’s important – cybersecurity is a major focus, too. Bringing together both the physical security and cybersecurity realms is increasingly becoming a ‘must have’ capability. What is evident is that the pace of technological change is faster than ever. Today’s functionality simply wouldn’t have been possible just a few years ago, while today’s leading-edge developments may seem commonplace in five years.

How to build smarter, more secure cities from the ground up
How to build smarter, more secure cities from the ground up

Today, we live in a technology-obsessed age. Whichever way you look, it’s hard to avoid the increasing number applications, products and solutions that continue to redefine the boundaries of what we previously thought possible. From autonomous vehicles and edge computing to 5G and the Internet of Things, all facets of our lives are continuing to evolve, thanks to an endless stream of differentiated innovations. In this article, we’ll be focusing on the latter of these - the Internet of Things (IoT). Deployment of IoT technologies Smart homes, smart utilities, smart retail, smart farming, smart supply chains and many of the other ‘smart’ versions of sectors that we’re already familiar with, are all called as such because of the implications of IoT. Indeed, it is a technology that has manifested itself in billions of devices, which today underpin the truly transformational levels of connectivity that we see across industries of all shapes and sizes. The statistics speak for themselves. According to Statista, over US$ 1 trillion is expected to be spent on IoT technology worldwide, in 2022. Be it added convenience, efficiency, productivity or intelligence, many benefits are poised to emerge from this spike in IoT-related activities. Yet to say this digital transition is going to be entirely positive would be naïve. Threats faced by smart cities It is said that by 2040, 65 per cent of the world’s population will be living in cities Let’s consider smart cities. It is said that by 2040, 65 per cent of the world’s population will be living in cities. To accommodate such an influx, without facing significant logistical issues, with limited space and infrastructure, policy makers have begun to recognise that these urban environments need to become not only larger, but smarter as well. As a result, the global smart cities market is on the rise. Statista states that, globally, technology spending on smart city initiatives is expected to double from US$ 81 billion in 2018 to US$ 189.5 billion in 2023. Threat of attackers with expanding IoT landscape The challenge here is that such a stark uptick will drastically expand the IoT landscape, presenting more opportunities than ever to threat actors. As connectivity and computing power is distributed more widely across large-scale outdoor networks, hackers will scale-up their own operations in tandem. According to a Nokia report from October 2020 (based on data aggregated from monitoring network traffic on more than 150 million devices globally), IoT devices now account for roughly 33 per cent of all infected devices, up from the 16 per cent estimated in 2019. What’s more concerning is how these figures are translating into real world events. 2021 alone has already witnessed an attack on a water plant in Oldsmart, Florida, which was designed to poison residents’ drinking water. Furthermore, Colonial Pipeline, one of the largest fuel pipelines in the US was also hacked, earlier this year, resulting in major shortages across the country’s East Coast. Security through IoT authentication From weak password protection, a lack of regular patch updates and insecure interfaces, to insufficient data protection, poor IoT devices management and an IoT skills gap, there are plenty of weaknesses existing within the IoT ecosystem, which continue to provide open goals for attackers. To defend against such lethal threats, security-by-design and open standards should be the guiding principles of IoT, working to prioritise security, interoperability and robust, internet-based protocols to mitigate risks. Device authentication and encryption A sound place to start is to make device authentication and encryption the central pillars of your IoT security architecture A sound place to start, in this regard, is to make device authentication and encryption the central pillars of your IoT security architecture. The goal is to be able to prove that each and every device joining a network is not malicious, with tell-tale signs being rogue code, for example. By ensuring each device is uniquely identifiable with digital certificates and therefore, properly authenticated when joining a network, you can ensure no tampered devices are able to infiltrate your overarching network. Using technologies, such as Hardware Secure Element Critically, passwords should be avoided altogether, these vulnerable to being stolen and cracked. And, while a similar vulnerability lies in the fact that all secure devices contain a private key, you can leverage technologies, such as Hardware Secure Element (a chip designed specifically to protect against unauthorised access, even if the attacker has physical access to the device), as an extra layer of defence. Digital certificates are not the only option available in protecting those IoT devices that, if tampered with, could become the cause of physical threats. Physical Unclonable Function (PUF) can also be used to prevent tampering. Physical Unclonable Function (PUF) Through Physical Unclonable Function (PUF), a form of IoT device fingerprint is developed from the unique make up of a piece of silicon, which can be used to create a unique cryptographic key. Unlike digital certificates, a secure infrastructure can be achieved through PUF, without the need for any additional hardware, as the key is not only stored securely, but it also becomes invisible to hackers, when the device is not running. The importance of encryption Use of AES encryption within radio chips, to scramble messages on the move, is the method adopted at Wi-SUN Alliance Now, let’s turn attentions to encryption. The use of AES encryption within radio chips, to scramble messages on the move, is the method that we have adopted here at Wi-SUN Alliance. It’s a means of maximising data security, but also reducing power consumption in the devices themselves. Beyond AES encryption, it’s also worth considering topography at the design stage. Indeed, mesh networks are advantageous for several reasons. They are more reliable, allowing data to be re-routed, should devices lose contact unexpectedly. Transmissions usually travel shorter distances, which improves power efficiency and performance, and frequency hopping functionality prevents attackers from jamming signals, which could deny the service altogether. Open standards and interoperability But where do open, interoperable standards fit in? As is defined by the European Committee for Interoperable Systems (ECIS), interoperability enables a computer programme to communicate and exchange information with other computer programmes, allowing all programmes to use that information. Open standards then allow any vendor of communications equipment or services to implement all standards necessary, to interoperate with other vendors. This is incredibly useful from a security perspective. It means that all specs are stress-tested and verified by many users, and that any vulnerabilities are quickly detected, and remediated, enhancing security and reliability. Need for open standards Equally, open standards can accelerate time-to-market, reduce costs and ensure products are usable, with a variety of manufacturers’ processors and radios, with a steam of publicly available protocol stacks, design information and reference implementations available that can help build and future-proof secure products. Indeed, large-scale corporate IoT networks alongside smart cities, smart utilities, and other key smart infrastructure will only continue to evolve, in the coming years. With the immense threats of attackers in mind, these systems must prioritise security-by-design, both now and in the future.