SECURITY DOCUMENT
SECURITY STANDARD PROCEDURE
NEOM-NSE-PRC-001 Rev 01.00 July 2022
©NEOM [2022]. All rights reserved.
Document History
Revision code
Description of changes
Purpose of issue
Date
First Issue
Issued for Implementation
20.07.2022
Rev 01.00
Document Approval
Prepared by
Reviewed by
Approved by
Name
Alawi Alogbel
ETSD
Naif Rabeah
Adel Wihaib
Job Title
Industrial Security
Planning Manager
-
Senior Manager –
Security Capability
Development
Executive Director,
Public Safety
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 OF 311
Contents
1
INTRODUCTION .................................................................................................................... 11
2
DESIGN DEVELOPMENT PROCESS................................................................................... 14
3
SECURITY THREAT & RISK ASSESSMENT METHODOLOGY ......................................... 17
4
DESIGN STAGE REVIEWS & DELIVERABLES .................................................................. 23
5
MINIMUM SECURITY REQUIREMENTS .............................................................................. 41
ANNEX A - SECURITY FUNCTIONAL REQUIREMENTS (NON-INDUSTRIAL) ............................... 49
ENVIRONMENTAL REQUIREMENTS – ALL SYSTEMS ................................................................... 49
TESTING REQUIREMENTS – ALL SECURITY INFRASTRUCTURE ................................................ 51
A1: VIDEO SURVEILLANCE SYSTEMS AND VIDEO ANALYTICS .................................................. 53
A2: OTHER SURVEILLANCE SYSTEMS ........................................................................................... 64
A3: ACCESS CONTROL SYSTEMS ................................................................................................... 66
A4: INTRUDER DETECTION SYSTEMS............................................................................................. 77
A5: DURESS ALARMS ........................................................................................................................ 80
A6: SECURITY LIGHTING ................................................................................................................... 84
A7: CYBER SECURITY........................................................................................................................ 88
A8: PERIMETER SECURITY BARRIERS AND ENTRY POINTS....................................................... 91
A9: VEHICLE SECURITY BARRIERS ............................................................................................... 101
A10: COUNTER-UNMANNED AERIAL SYSTEMS .......................................................................... 115
A11: BLAST PROTECTION ............................................................................................................... 122
A12: BALLISTIC PROTECTION ........................................................................................................ 125
A13: SECURITY DOORSETS ............................................................................................................ 128
A14: SECURITY GLAZING ................................................................................................................ 133
A15: MANUAL LOCK SECURITY ..................................................................................................... 142
A16: SEARCHING, SCREENING AND DETECTION ....................................................................... 145
A17: SECURITY CONTROL ROOMS AND MONITORING POINTS ................................................ 156
A18: HVAC, INTAKES AND DUCTING ............................................................................................. 163
ANNEX B - SECURITY FUNCTIONAL REQUIREMENTS (INDUSTRIAL) ...................................... 166
ENVIRONMENTAL REQUIREMENTS – ALL SYSTEMS ................................................................. 166
TESTING REQUIREMENTS – ALL SECURITY INFRASTRUCTURE .............................................. 168
B1: VIDEO SURVEILLANCE SYSTEMS AND VIDEO ANALYTICS ................................................ 171
B2: OTHER SURVEILLANCE SYSTEMS ......................................................................................... 182
B3: ACCESS CONTROL SYSTEMS ................................................................................................. 184
B4: INTRUDER DETECTION SYSTEMS........................................................................................... 192
B5: DURESS ALARMS ...................................................................................................................... 195
B6: SECURITY LIGHTING ................................................................................................................. 199
B7: CYBER SECURITY...................................................................................................................... 203
B8: PERIMETER SECURITY BARRIERS – FENCES AND GATE HOUSES .................................. 206
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 OF 311
B9: VEHICLE SECURITY BARRIERS ............................................................................................... 219
B10: COUNTER-UNMANNED AERIAL SYSTEMS .......................................................................... 231
B11: BLAST PROTECTION ............................................................................................................... 237
B12: BALLISTIC PROTECTION ........................................................................................................ 240
B13: SECURITY DOORSETS ............................................................................................................ 242
B14: SECURITY GLAZING ................................................................................................................ 247
B15: MANUAL LOCK SECURITY ..................................................................................................... 256
B16: SEARCHING, SCREENING AND DETECTION ....................................................................... 259
B17: SECURITY CONTROL ROOMS AND MONITORING POINTS ................................................ 270
B18: HVAC, INTAKES AND DUCTING ............................................................................................. 277
ANNEX C- CONSTRUCTION SITE (TEMPORARY) ......................................................................... 280
C1: INTRODUCTION .......................................................................................................................... 280
C2: CONSTRUCTION SITE SECURITY INFRASTRUCTURE REQUIREMENTS ........................... 283
C3: CONSTRUCTION SITE SECURITY AUDIT CHECKLIST .......................................................... 290
C4: PERIMETER FENCE SPECIFICATION ...................................................................................... 298
ANNEX D: SITE CATEGORIZATION MATRIX ................................................................................. 305
ANNEX E: SECURITY MANUAL CONTENTS .................................................................................. 309
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 OF 311
Executive Summary
The Security Standard has been developed to guide those developing the security scope for NEOM
projects. The aim is to define a baseline security requirement to protect and safeguard NEOM assets.
The approach advocated is a risk-based one, recognising that each element will be different but still
requires an appropriate level of security suited to the specific site.
By underpinning the design with a risk-based approach, NEOM will benefit from a more creative
approach that is focused on innovative solutions that are suited to the intended function of the facility.
Each site will be categorised, whereby an assessment is made to determine the specific Protection
Group, Site Classification and Design Route that will be assigned to the site. This assessment will be
undertaken by the designer and then reviewed for authorisation by the NEOM Public Safety
Department.
This document sets out the deliverable expectations at each Development Stage and Stage Review
that will evidence and support the production of a well-considered security design.
It is critical that all designers embed security within their approach to ensure that the NEOM Security
Vision of a Trust Neighbourhood and Resilient Society is achieved.
The Security Standard provides the security requirements for the built environment in NEOM.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 OF 311
Abbreviations
Acronym
Description
ACS
Access Control System
AIS
Automatic Identification System
ALPR
Automatic Licence Plate Readers
ATS
Alarm Transmission Systems
BLE
Bluetooth Low Energy
CBRN
Chemical, Biological, Radiological and Nuclear
CCTV
Closed Circuit Television
CER
Computer Equipment Room
CPTED
Crime Prevention Through Environmental Design
C-UAS
Counter Unmanned Aerial System
DBT
Design Basis Threat
DTIE
Detection, Tracking, Identification, Effect.
FAR
False Alarm Rate
FoV
Field of View
GUI
Graphical User Interface
HCIS
High Commission for Industrial Security
HD
High Definition
HVAC
Heating, Ventilation, Air-Conditioning
HVM
Hostile Vehicle Mitigation
ICAO
International Civil Aviation Organization
IDS
Intruder Detection Systems
IED
Improvised Explosive Device
IP
Internet Protocol
IR
Infra-Red
ISPS
International Shop and Port Facility Security Code
MEP
Mechanical, Electrical and Plumbing
NFC
Near Field Communications
ONVIF
Open Network Video Interface Forum
OR
Operational Requirement
PBIED
Person Borne Improvised Explosive Device
PDCA
Plan, Design, Check, Act
POE
Power Over Ethernet
PPM
Pixels Per Metre
PPS
Pictures Per Second
PSD
(NEOM) Public Safety Department
PSIM
Physical Security Information Management
PTZ
Pan, Tilt, Zoom
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 OF 311
Acronym
Description
PvB
Polyvinyl Butyral
RVSS
Radar Video Surveillance System
SCR
Security Control Room
SER
Server Equipment Room
SFR
Security Functional Requirement
SR
Stage Review
SOLAS
International Convention for the Safety of Life at Sea
SR
Security Rating
STRA
Security, Threat and Risk Assessment (use interchangeably with TVRA)
TVRA
Threat, Vulnerability and Risk Assessment (used interchangeably with STRA)
VBIED
Vehicle Borne Improvised Explosive Device
VDA
Vehicle Dynamic Assessment
VMS
Video Management System
VSB
Vehicle Security Barrier
VSS
Video Surveillance Systems
WTMD
Walk Through Metal Detector
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 OF 311
Definitions
Term
Description
Adversary
Any individual, group, organisation or government that conducts activities or has the
intention and capability to conduct activities detrimental to critical assets. Adversaries
can include insiders, outsiders or the two acting in collusion.
Alert State
Describes a progressive, qualitative measure of the likelihood of an adversary’s actions,
from negligible to imminent, based on international, national, or local intelligence
information.
Asset
Any real or personal property, tangible or intangible, that a company or individual owns
that can be given or assigned a monetary value. Intangible property includes things
such as goodwill, proprietary information, and related property. For purposes of this
guideline, people are included as assets
Asset category
Assets may be categorized in many ways. Among these are:
— people.
— hazardous materials (used or produced).
— information.
— environment.
— equipment.
— facilities.
— activities/operations.
— company reputation.
Benefit
Amount of expected risk reduction based on the overall effectiveness of
countermeasures.
Capability
Means to accomplish a mission, function, or objective.
Consequences
The outcome of an event, commonly measured in four ways—human, economic,
mission, and psychological—but may also include other factors such as impact on the
environment.
NOTE 1: An event can lead to a range of consequences.
NOTE 2: A consequence can be certain or uncertain and can have positive or negative
effects on objects.
NOTE 3: Consequences can be expressed qualitatively or quantitatively.
NOTE 4: Consequences can escalate through kock-on-effects / cascading and
cumulative effects.
Consequence
Assessment
Product or process of identifying or evaluating the potential or actual effects of an event,
incident, or occurrence.
Co-Planning
Meetings with stakeholders to analyse data, co-design site plans, establish advisory
design panels, facilitate community groups for feedback.
Countermeasures
An action, measure, or device intended to reduce an identified risk
Crime Forecasts
Future oriented time series analysis, trend projection of crime patterns, computer
simulations.
Crime Statistics
Property/personal crime, drug crime, rates increasing/decreasing.
Critical Asset
Any asset that is essential for the organization to deliver its products and/or services.
Criticality
The impact of a loss event, typically calculated as the net cost of that event. Impact can
range from fatal, resulting in a total recapitalization, abandonment, or long-term
discontinuance of the enterprise, to relatively unimportant
Criticality
Assessment
Product or process of systematically identifying, evaluating, and prioritizing based on
the importance of an impact to mission(s), function(s), or continuity of operations.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 OF 311
Term
Description
Delay
A countermeasure strategy that is intended to provide various barriers to slow the
progress of an adversary in penetrating a site to prevent an attack or theft or in leaving
a restricted area to assist in their apprehension and prevention of theft.
Demographics
Look for impact on safety from: Density, age, mobility, ethnicity, tenure.
Design Charrettes
Multiple stakeholders collaborate with architectural designers on tabletop exercise with
site drawings.
Design Team
Refers to the appointed consultant(s) or contractor teams who are engaged on the site
or project stage.
Detection
A countermeasures strategy that is intended to identify an adversary attempting to
commit a security event or other criminal activity to provide real-time observation and
post-incident analysis of the activities and identity of the adversary.
Deterrence
A countermeasures strategy intended to prevent or discourage the occurrence of a
breach of security through fear or doubt. Physical security systems such as warning
signs, lights, uniformed guards, cameras, and barriers are examples of
countermeasures that provide deterrence.
Edge
Edge refers to where a capability, processing or storage occurs at the sensor device
rather than centrally in the system. This is common amongst simple video analytics
applications.
GIS
Crime mapping and pattern analysis, hot spot analysis, trends, density analysis, traffic
counts and patterns.
Key Asset
A key asset is defined as an asset that would severely reduce or restrict the delivery of
the function of a facility.
Intelligence
Information to characterise specific or general threats, including adversaries’ motivation,
capabilities, and activities.
Long Term
Long term is defined as any effect or loss of capability that will significantly exceed the
Recovery Time Objective for a facility or capability. These are tailored to the use of the
facility or capability and therefore may vary from seconds for a data centre to weeks for
a non-essential function or capability.
Medium Term
Medium term is defined as any effect or loss of capability that goes beyond the
Recovery Time Objective for a facility or capability.
Mitigation
A measure designed to reduce the risk either in likelihood or impact.
Permanent
Any asset (i.e. Building, structure, or facility) that operate/will operate in the same
location for 2 years or more.
Physical security
Security systems, infrastructure and devices intended to improve protection. Examples
include fencing, gates, walls, doors, turnstiles, locks, motion detectors, vehicle barriers
and reinforced glazing.
Plan Review
Concept drawings, site plans, architectural renderings: look for territoriality, access
control, surveillance, space hierarchy, movement predicators, entrapment areas,
lighting, landscaping.
Protection Group
The grading of the facility in the respect of security.
Recovery Time
Objective
The RTO is the specified time for the restoring of normal functionality or full capability.
Response
The act of reacting to a perceived or actual criminal activity immediately upon its
detection or post-incident.
Risk
Effect of uncertainty on objectives.
NOTE 1: An effect is a deviation from the expected - positive and/or negative.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 OF 311
Term
Description
NOTE 2: Objectives can have different aspects such as financial, health, safety, and
environmental goals and can apply at different levels such as strategic, organizationwide, project, product, and process.
NOTE 3: Risk is often charaterized by reference to potential events, consequences, or a
combination of these and how they can affect the achievement of objectives.
NOTE 4: Risk is often expressed in terms of a combination of the consequences of an
event or a change in circumstances and the associated likelihood of occurrence.
Safety Audits
Multiple stakeholders conduct night-time audit, perception and fear data, suggested
solutions to perceived problems.
Search Conference
Facilitated visioning workshop with multiple stakeholders searching for ideal futures and
solutions to design flaws.
Security, Threat
and Risk
Assessment
(STRA)
Risk (R) assessment is the process of determining the likelihood (L) of a threat (T)
successfully exploiting vulnerability (V) and the resulting degree of consequences (C)
on an asset. A risk assessment provides the basis for rank ordering of risks and thus
establishing priorities for the application of countermeasures.
Shall
A term used to indicate a mandatory requirement.
Should
A term used to indicate a recommendation or that which is advised but not required.
Site Interviews
Interviews related to travel routes, public transit routes, perceptions/experiences of
crime and safety, use of space, designated use and design fit.
Site Visit
Daytime, night-time, photo surveys: look for territoriality, access control, surveillance,
space hierarchy, movement predicators, entrapment areas, lighting, landscaping.
Social Asset Maps
Focus groups, data analysis, marketing studies and asset mapping looking at: social
cohesion, difficult to reach groups, financial assets, cultural assets, gang issues, race
issues.
Surveys
Mail-out, telephone questionnaires, victimization surveys, perception data.
Temporary
Any asset (i.e. Building, structure, or facility) that operate/will operate in the same
location for more than 4 months and less than 2 years and that is intended for a onetime basis, interim basis.
Threat Level
The threat level is based on international, national, or local intelligence information.
Different security measures may be implemented as an Alert State for each facility
based on the threat level.
Time Series
Prior crime trends over 5 years by monthly, weekly, daily pattern.
All definitions have been adapted or generated for NEOM.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 0 OF 31 1
1
Introduction
NEOM aspires to be the safest place on Earth. A key element of this is that security is
considered in all NEOM development. Vulnerability is designed out, and security is designed
in, providing an enduring, efficient, and effective solution.
One of NEOM’s most critical Security Objectives is building a resilient society ready to face all types
of hazards.
NEOM's Resilience Concept is structured along 10 essential building blocks:
1
Organize for Risk and Resilience - Establish Risk Reduction as a key consideration across
NEOM'S Strategic Plan. Define an Organizational structure to drive risk reduction and resilient
development.
2 Identify, Understand and Use Current and Future Risk Scenarios - Prepare and maintain an allhazards risk database, capturing past, current and predicted events. Develop contingency
planning across all sectors to mitigate and manage these events.
3 Strengthen Financial Capacity for Resilience - Prepare a financial plan for embedding risk
reduction and resilience across NEOM and contingency funding for emergency scenarios.
4 Pursue Resilient Urban Development and Design - Carry out risk-informed urban planning and
development decisions based on up-to-date risk assessments, compliant codes and international
best practice.
5 Safeguard Natural Resources to Enhance the Protective Functions Offered by Natural
Ecosystems - Identify, protect and monitor natural ecosystems within and outside the NEOM
geography to sustain and safeguard their protective functions and enhance their use for risk
reduction.
6 Strengthen Sector Capacity for Resilience - Strengthen NEOM sectors with effective capabilities
to implement risk management and resilience through the introduction of overall risk ownership.
7 Understand and Strengthen Societal Capacity for Resilience - Foster and strengthen the ability of
the NEOM community to be resilient through support and partnership.
8 Build and raise Infrastructure Resilience - Provide adequate Critical Regional Infrastructure and
develop a plan for its resilient enduring operation.
9 Ensure Effective Preparedness and Disaster Response - Ensure effective disaster response by
creating and regularly reviewing contingency and preparedness plans.
10 Expedite Recovery and Build Back Better - Establish strategies for post-disaster recovery,
rehabilitation and reconstruction for an improved and more resilient NEOM environment.
The Security Standard is designed to be a practical guide to those involved in all interim and
permanent NEOM development. The document is divided into distinct sections to provide easy to
understand requirements for the types of design projects across NEOM.
These areas of the document are applicable to all development projects within NEOM regardless of
being a construction, interim or end-state facility or site:
•
Section 2 covers the Design Development Process and the development requirements,
deliverables and approvals required at each Development Stage and Stage Review.
•
Section 3 covers the methodology and approach to be followed by all projects for the
development of a site-specific Security Threat and Risk Assessment.
•
Section 4 covers the Design Stage Reviews & Deliverables that are applicable to the design
routes for security development on NEOM projects.
•
Section 5 covers the Minimum-Security Requirements associated with each Protection Group.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 1 OF 31 1
•
Annex A contains the Security Functional Requirements for Non-Industrial sites across NEOM
for each security element:
o
A1: Video Surveillance Systems and Video Analytics
o
A2: Other Surveillance Systems
o
A3: Access Control Systems
o
A4: Intruder Detection Systems
o
A5: Duress Alarms
o
A6: Security Lighting
o
A7: Cyber Security – compliance with CISO requirements.
o
A8: Perimeter Security Barriers and Entry Points
o
A9: Vehicle Security Barriers
o
A10: Counter-Unmanned Aerial System
o
A11: Blast Protection
o
A12: Ballistic Protection
o
A13: Security Doorsets
o
A14: Security Glazing
o
A15: Manual Lock Security
o
A16: Search, Screening and Detection
o
A17: Security Control Rooms and Monitoring Points
o
A18: HVAC, Intakes and Ducting
Annex A is applicable to all sites that have been designated as Non-Industrial Sites by the
NEOM Public Safety Department, following the designer’s recommendation.
•
Annex B – contains the Security Functional Requirements for Industrial sites. The Annex will set
out the minimum-security requirements for industrial sites across each of the same security
elements outlined within Annex A.
Annex B is applicable to all sites that have been designated as Industrial Sites by the
NEOM Public Safety Department, following the designer’s recommendation.
•
Annex C – contains the Security Functional Requirements for Constructions Sites. This annex
sets outs the minimum-security requirements that should be in place for construction sites.
Annex C is applicable to all construction sites and associated sites that are not covered
under Annex A or B.
•
Annex D – contains the Site Categorisation Matrix template that sets out the process to
determining the recommended Protection Group, Classification, and recommended design route.
Document hierarchy is shown on the subsequent schematic including parent documents that the
designer should be familiar with to understand your obligations and the context of security in
NEOM.
•
Annex E – contains the minimum requirements for each site, facility or building Security Manual.
This document must be produced for each and is an integral part of security management.
Security is an enabling factor that provides the platform for a safe and secure NEOM Society.
A consistent baseline design response for security based upon the risk profile of the
development, its users and its criticality are key.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 2 OF 31 1
Regulatory Requirements
Security Information Handling Requirements
The development, handling and dissemination of security information must be in compliance with the
following requirements:
•
Security information shall be classified as "confidential” and shall be accessed/shared by
authorized individuals on a strictly ‘need-to-know’ basis.
•
Security information (including information related to non-security systems supporting security)
will be required at each design stage and is to be contained within a stand-alone package, which
is separate from all other non-security related documents.
•
Security information may also reside within other non-security documents, this information must
be sanitized (limited) to what is required to communicate, while maintaining the clarity and context
in support of a non-security function.
As Section 2 outlines, NEOM Public Safety Department and the facility proponent will confirm whether
a site is considered Industrial or Non-Industrial following the submission of the Security, Threat and
Risk Assessment and Site Categorisation Matrix.
Advice Note:
A key design element across NEOM is the community and visitor experience that is seamless and
enabled by technology. The almost invisible application of security through trust levels and reauthentication is a key success factor to be applied to all public interfacing developments.
It is recommended that engagement with security and regulatory stakeholders is commenced at
the earliest opportunity, supported by clear process and experience flow diagrams/descriptions.
Security solutions that are described as traditional infrastructure may not be suitable for publicfacing areas of NEOM, thus being reserved for inclusion at the more industrial and remote sites.
Any deviation from this standard shall be addressed through waiver request to PSD. All waiver
requests are subject to PSD approval. Non-compliance shall be addressed with "Noncompliance risk impact", "Sound engineering reasons and justifications for non-compliance",
"Alternatives that have been considered" and/or "Risk mitigation strategy".
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 3 OF 31 1
2
Design Development Process
The Design Development Process provides the framework for the development, delivery, and
approval of the security scope across NEOM. This Section contains the following guidance:
•
The process.
•
The protection groups.
•
Criteria for the selection of a facility, building or site as an Industrial or Non-Industrial site.
•
Engineernig and other standards.
•
Regulatory requirements.
The Process
The first activities of the Design Delivery Process are undertaken in the NEOM Plan of Work Stage 1
where the Proponent will develop Security Vision and Strategy for the Development that is aligned
with both the NEOM Security Strategy and the Vision and Strategic Objectives for the Development.
Then, design team will define the site, facility, or building, with the designer's completing:
•
A Security Threat and Risk Assessment.
•
A Strategic Security Layering Diagram.
•
A Categorization Matrix, including:
o
The recommended Protection Group for each asset, which will then define the minimum
standards required.
o
Whether an asset should be classified as Non-Industrial or Industrial. NEOM Public Safety
Department in collaboration with facility proponent shall make the initial determination
whether a facility is industrial or non-industrial.
o
The recommended Design Route for each asset as outlined in Section 4.
This will be subject to final approval by NEOM Public Safety Department.
The Security Threat and Risk Assessment methodology is outlined in Section 3.
The Categorisation Matrix is located in Annex D.
Protection Group Selection
NEOM categorises all assets into three groupings to define the minimum protection requirements that
are required for these types of facilities. The three Protection Groups are:
•
Baseline.
•
Enhanced.
•
Restricted.
If a site, building or facility satisfies more than one criteria in a number of Groups, then the highest
Protection Group will apply.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 4 OF 31 1
Definitions for each Protection Group are as follows.
Baseline
A Protection Group of Baseline should be applied if one or more of the following criteria are met:
•
Loss or failure would cause no reduction in the NEOM economy.
•
Loss or failure would cause only very localized health or safety concerns.
•
There is potential for limited injury only.
•
Loss or failure would cause no environmental damage.
•
Loss or failure would cause only very localized business disruption.
•
Loss or failure would cause very limited damage to the reputation or confidence in NEOM.
Enhanced
A Protection Group of Enhanced should be applied if one or more of the following criteria are met:
•
Loss or failure would cause a limited reduction in the NEOM economy.
•
Loss or failure would cause localized health or safety concerns.
•
There is potential for localized loss of life.
•
Loss or failure would cause environmental damage.
•
Loss or failure would cause medium-term business disruption.
•
Loss or failure would cause moderate damage to the reputation or confidence in NEOM.
Restricted
A Protection Group of Restricted should be applied if one or more of the following criteria are met:
•
Loss or failure would cause a significant reduction in the NEOM economy.
•
Loss or failure would cause NEOM Regional health or safety concerns.
•
There is potential for mass loss of life.
•
Loss or failure would cause major environmental damage.
•
Loss or failure would cause long-term business disruption.
•
Loss or failure would cause significant damage to the reputation or confidence in NEOM.
Non-Industrial and Industrial Selection
NEOM Public Safety Department in collaboration with facility proponent shall make the initial
determination whether a facility is Industrial or non-industrial. Industrial is viewed as a wide usage
category that covers:
•
Manufacturing.
•
Engineered or Chemical Production.
•
Energy Production.
•
Water and Desalination installations.
•
Energy Distribution Networks.
•
Non-Passenger Rail and Cargo Transportation.
•
Maritime Ports.
•
Petroleum, Petro-Chemical and Gas extraction, processing, storage, and distribution.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 5 OF 31 1
•
Production, storage, and distribution of highly flammable, toxic, or explosive materials.
If a site, facility, building, or infrastructure falls under one of the above categories or uses, then it is
required to adopt the design requirements of:
•
The Industrial Design Process.
•
The Industrial Design Deliverables for each Stage Review.
•
The requirements as detailed in Appendix B.
Engineering and Other Standards
The relevant security and security engineering standards that are applicable to each security function
are listed at the end of the relevant appendix sections.
Dependent upon the facility type, and the usage of locations within the facility, broader engineering
and general standards may also apply. The designer should check these requirements against the
NEOM technical Schedules:
List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
Regulatory Requirements
All developments must be compliant with the NEOM Security Standard, the referenced national and
international standards, and relevant international regulatory requirements.
Regulatory requirements will depend upon the type of facility and the role it is performing, whether
regional to NEOM only, or if internationally non-NEOM regulations may need to comply with.
Examples of this are:
•
NEOM Airport – International regulations (ICAO etc) and carrier requirements.
•
NEOM Industrial Port – International regulations (ISPS, SOLAS etc) and National regulations for
goods transiting onwards into KSA.
It is the responsibility of the design team to identify the international regulations that are applicable.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 6 OF 31 1
3
Security Threat & Risk Assessment Methodology
Introduction
The Security Threat & Risk Assessment (STRA) is produced to identify the threats which may
propagate within NEOM and at which potential locations.
The STRA will be a standalone document and handled as ‘Confidential’.
The STRA is a critical step in the security scope and should be undertaken prior to the start of the
design process and be updated throughout the project lifecycle. This will ensure that the risk context
is fully understood in order that proportionate and effective mitigations can be developed.
As the security designer for a specific development you will need to complete a STRA for your
project.
Purpose
For any security scope in an interim or permanent facility, the designer shall conduct an STRA for the
facility to determine the mitigation measures required.
A successful STRA process will:
•
Identify the relevant threats against the specific object.
•
Identify critical assets potentially requiring protective mitigation.
•
Allow the designer to understand the likelihood and potential impact of relevant threats upon
people, asset, reputation etc.
•
Highlight where there are unacceptable risks that require mitigation or management.
•
Allow the designer to understand how mitigating measures should be applied to reduce risk,
across physical, systems and operational security design.
•
A STRA intends to highlight concepts of mitigation only, in relation to physical, systems based
and operation security design. Such concepts should be adequately developed by the security
designer through the design stage process.
The risk assessment should cover current and future development specific hazards, risks and threats,
covering the following (but not be limited to):
•
Environmental Hazards: (e.g. Flooding, Geological hazards, severe weather, severe space
weather) - consider geology, current climate conditions, future climate conditions considering
climate change and climate change adaptation, fauna, flora and NEOM environmental specific
requirements.
•
Manmade Hazards: (e.g. Industrial accidents, environmental pollution incidents, biological
release, structure incidents, failure of infrastructure, data infrastructure failure, transportation
accidents) - consider expanding industrial and economic activities related to development and
NEOM expansion, increasing population numbers as NEOM evolves over time, self-sustainable
development, the use of technologies of future as the backbone infrastructure, use of
technologies of the future as a threat vector.
•
Public Safety: (e.g. Crowded places, transport, public disorder, strikes, human / animal diseases)
- consider the culturally diverse NEOM citizens with various maturity levels of public safety,
predict / prevent / deter public safety related incidents / crime, use of nontraditional methods to
control public safety issues as NEOM is the “city of the future”.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 7 OF 31 1
•
Malicious Threats: (e.g. Chemical, Biological, Radiological and Nuclear - CBRN, Petty Crime,
Organized Crime, Smuggling, Espionage, Cyber, Terrorism, State Sponsored Malicious Threats) consider the overall NEOM objectives for residents / visitors, align it to development specific
objectives and implement security & resilience controls around the mentioned objectives.
Consider illicit and malevolent actors targeting this specific development.
STRA Process
A STRA should be undertaken by a designer with the relevant experience and knowledge of security
design.
Security Threat and Risk Assessment (STRA) shall be conducted in compliance with NEOM
Enterprise Risk Management Framework and NEOM Risk Management Procedure (NEOM-NENPRC-028).
Managing Risks" within Security Threat and Risk Assessment (STRA) shall be in compliance with ISO
Risk Management - Guidelines (ISO 31000).
Methodology of Risk Assessment and Treatment within Security Threat and Risk Assessment (STRA)
shall be in compliance with American Society for Industrial Security – General Security Risk
Assessment Guideline (ASIS – GSRA Guideline)
Preventing and reducing crime and the fear of crime" within Security Threat and Risk Assessment
(STRA) shall be in compliance with Security and Resilience — Protective security — Guidelines for
crime prevention through environmental design (BS ISO 22341:2021).
Scoring Methodolgy
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 8 OF 31 1
To ensure continuity of scoring for all security risk assessments, the following scoring criteria must be
used by all.
Risk should be scored for:
•
A score for Likelihood (L) and Impact (I) assigned to each threat as a first value.
•
Risk Severity (R) is based upon Likelihood (L) x Impact (I).
•
The second value of Risk Severity (R) is the estimation of the resultant risk following the
application of risk treatments.
The designer should adapt a STRA scoring process, according to the requirements and scale of the
object.
An indicative scoring process is as follows, based upon an R score (1-25), from multiplication of L (15) score x I (1-5) score.
Likelihood
Likelihood is the scoring of the likelihood for occurrence of the threat. This should be thought of in
relation to:
•
Target attractiveness (i.e. how attractive is the location as a target for the threat?).
•
Target vulnerability (i.e. does the object design provide opportunity for a threat to occur, through
design vulnerability?).
•
Threat type context (i.e. is this threat vector a common modus operandi?).
A score for Likelihood should be assigned to each threat, based upon the following indicative
descriptions:
Score
Likelihood
Likelihood Description
5
Almost Certain
Will undoubtedly happen, possibly frequently.
4
Likely
Will happen, but not a persistent issue.
3
Possible
May happen occasionally.
2
Unlikely
Not expected to happen but is possible.
1
Rare
Very unlikely this will ever happen.
Impact
Impact is the potential effect that a threat would have, if it were to occur, in relation to identified
assets.
The designer should identify what type of asset would be affected by a threat at an object level. For
example, an act of violence would impact upon people, where as a sabotage event may impact upon
business continuity. Impact is likely to be in relation to:
•
People.
•
Asset or financial loss.
•
Business process / continuity.
•
Reputation.
An example impact scoring matrix is set out below:
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 9 OF 31 1
Score
Impact
5
4
3
2
1
Very High
High
Medium
Low
Very Low
Asset /
Financial
People
Business
Process
Reputation
Severe loss, >
2,500,000 SAR.
A number of
fatalities.
Inability to
conduct
business
operations, full
service
restored in
months.
Highly
damaging,
severe
widespread
loss of
confidence.
Major loss, <
2,500,000 SAR.
Extensive
injury, major
permanent
harm. Potential
fatality.
Significant
disruption to
business
activity, full
service
restored in
weeks.
Major adverse
publicity, major
loss of
confidence.
Significant loss
< 1,250,000
SAR.
Medical
treatment
required, semipermanent
harm.
Business
objectives
partially
unachievable,
full service
restored in
days.
Adverse
publicity, legal
implications.
First aid
treatment
required, nonpermanent
harm.
Minor impact
on ability to do
business, full
service
restored in
minutes to
hours.
Some adverse
publicity, low
reputational
damage.
No obvious
harm or injury.
Minimal
impact, no
determinable
disruption, full
service
restored
immediately.
No interest to
the public, low
internal affect.
Moderate loss <
1,250,000 SAR.
Minimal loss <
50,000 SAR.
Risk Severity
Multiplying likelihood by impact provides a risk severity score. An indicative risk severity matrix is set
out below, however this should be reviewed at the start of the STRA process and be based upon the
designer’s established appetite for risk.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 0 OF 31 1
Score
Risk Severity
Risk Descriptor
16 - 25
Very High
A severe risk that would seriously affect or without treatment this
threat will have a detrimental effect that will impact business
continuity.
10 - 15
High
The risk is High, it is recommended that risk treatment is applied to
lower the overall severity.
5–9
Medium
Moderate risks are likely to be the most common risks experienced
and therefore careful ongoing consideration of treatment is required.
1–4
Low
A low risk level that is likely treated by other security measures
employed for more severe risks or may be tolerable.
Design Basis Threat Identification
A Design Basis Threat (DBT) should be identified at the Risk Identification stage. The DBT defines
the protection standard that needs to be applied to the applicable location. It is important that this is
evidence led and should follow qualitative and quantitative research of the Criminal and, or Extremist
threat vectors.
This should consider:
•
Available and relevant security source intelligence.
•
Assessment of the capability of threat groups.
•
Understanding of threat groups motivations.
•
Crime statistics (where available) and examples of occurrence of threat type.
It is recommended that the designer consults with relevant security stakeholders who may be able to
provide further understanding of the threat context.
Crime Prevention Through Environmental Design
A mandatory part of the STRA process for all security scopes is the undertaking of CPTED as
detailed in:
Security and Resilience — Protective Security — Guidelines for Crime Prevention Through
Environmental Design (BS ISO 22341:2021).
In addition to the items to be considered in-line with BS ISO 22341:2021, the designer shall consider
items related to 1st Generation, 1st Generation CPTED Advanced and 2nd Generation CPTED. Areas
for inclusion for CPTED Generation are listed below:
1st Generation CPTED
•
Territoriality.
•
Access Control.
•
Surveillance.
•
Image.
1st Generation CPTED Advanced
•
Incompatible land uses.
•
Movement Predictors.
•
Crime Support.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 1 OF 31 1
•
Crime Displacement.
•
Crime Generator.
•
Land use Mix.
2nd Generation CPTED
•
Capacity.
•
Cohesion.
•
Connectivity.
•
Culture.
The alignment of CPTED requirements into stage reviews is covered in the Section 4.
Site Categorisation Matrix
The Site Categorisation Matrix provides a framework to inform and categorise all facilities, buildings,
and infrastructure within NEOM. It shall determine:
•
The recommended Protection Group, which will then define the minimum standards required.
•
Whether the site should be classified as Non-Industrial or Industrial.
•
The recommended Design Route as outlined in Section 4.
The framework and process are set out within Annex D and is built upon a set of standardised
categories to assist the designer in determining the appropriate Site Category.
References
The following references should be considered:
•
City Of Federal Way - Crime Prevention Through Environmental Design (CPTED) Checklist.
•
HLS CAM Vulnerability Assessment Form.
•
Safe Growth Risk Assessment Matrix.
•
21st Century Security and CPTED, 2nd Edition by Randall I. Atlas.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 2 OF 31 1
4
Design Stage Reviews & Deliverables
The Design Process
The development stages are defined in outline within the Resilience Planning Guide, which have been
extracted in turn from the Engineering Procedures – Stage Deliverables Procedure that apply to all
design disciplines for all projects within NEOM including security.
The latest NEOM Plan of Work (NEOM-NEN-PRC-029) should be utilized.
NEOM Security Outcomes
NEOM have two overarching security outcomes that should be supported through all security scopes:
Outcome 1
•
Frequency of Violent Crimes per year – Target Zero.
•
Frequency of Fire Related Deaths per year – Target Zero.
•
Average onsite response time for defined communities – Target < 4 minutes.
Outcome 2
Security technology supports the NEOM technology use strategy, allowing integration and
convergence of systems, networks and information.
Engineering Procedures – Stage Deliverables Procedure (Reference NEOM-NEN-PRC-005 Latest
revision to be used) sets forth the components required for master planning and the design of assets
in accordance with the NEOM Plan of Work.
This Section of the Security Standard further refines the deliverables required at each stage for
security. It is incumbent upon the designer to ensure their submission at each development stage is
adequate and evidences the security solution in enough detail to allow the following to be clearly
understood:
•
The approach to security that is being taken, and how this fits within the NEOM vision for security.
Unobtrusive, enabling and based upon trusted communities are key themes.
•
Any performance or technical detail that is required in that development stage.
•
Design coordination with other disciplines.
•
Detail around any external stakeholder interaction and requirements.
The Development Stages
The development stages provide a logical progression of design information required to ensure that
security has been adequately considered. Aligned to the stages are a series of formal and interim
Stage Reviews, and these will include the checking of security design information.
The stages are defined on the following schematic.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 3 OF 31 1
Further information on the stages is contained within NEOM-NEN-PRC-005_02 Stage Deliverables
Procedure – latest version to be used.
The Design Routes
There are two design routes that can be instructed by NEOM Public Safety Department dependent on
set criteria for the site.
•
Matrix 1 – Standard Design Route – Applicable across all Restricted and Enhanced security
projects and for Baseline Protection Group sites, facilities and buildings that will follow the
standard Urban Development stage review process.
•
Matrix 2 – Fast Track Design Route – The Fast Track Design Route may be used for:
o
Protection Group Baseline site, facility, or building, where approved by PSD and the
proponent.
o
A temporary facility.
▪
If the design is an off-site pre-fabricated unit, then the specification should be submitted
for review. If accepted, then this may be accepted as fulfilling the design process for this
part of the facility only.
The information required at each Development Stage, and Stage Review, is defined in the relevant
Security Design Deliverables Matrix at the end of this Section.
The matrices define the minimum information the designer will need to present. This should be added
to as required by the design to ensure clear, concise, and relevant information is reviewed.
NEOM Security Scope Compliance List
The NEOM Security Scope Compliance List (SSCL) should be utilised for security work on projects to
establish that the correct actions have been taken and sufficient information has been provided for
design coordination, design progression and approvals.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 4 OF 31 1
Item No.
Description
Compliance
(Y/N)
Part 1
General
1.01
Security Threat and Risk Assessment (STRA) shall be conducted in
compliance with NEOM Enterprise Risk Management Framework and
NEOM Risk Management Procedure (NEOM-NEN-PRC-028).
1.02
Managing Risks within Security Threat and Risk Assessment (STRA)
shall be in compliance with ISO Risk Management - Guidelines (ISO
31000).
1.03
Methodology of Risk Assessment and Treatment within the Security
Threat and Risk Assessment (STRA) shall be in compliance with
American Society for Industrial Security – General Security Risk
Assessment Guideline (ASIS – GSTRA Guideline).
1.04
Preventing and reducing crime and the fear of crime" within
Security Threat and Risk Assessment (STRA) shall be in compliance
with Security and Resilience — Protective security — Guidelines for
crime prevention through environmental design (BS ISO
22341:2021).
CPTED items for consideration as per CPTED Generation:
•
1st Generation CPTED
Territoriality.
Access Control.
Surveillance.
Image.
•
1st Generation CPTED Advanced
Incompatible land uses.
Movement Predictors.
Crime Support.
Crime Displacement.
Crime Generator.
Land use Mix.
2nd Generation CPTED
Capacity.
Cohesion.
Connectivity.
Culture.
1.05
•
The STRA shall include the following:
o
Site Security Constraints and Influencing Factors.
o
Security Spatial Requirements.
o
Security Systems Integration matrix, including an outline Cause
& Effects Matrix.
o
Baseline Infrastructure Security Requirements.
o
Security Privacy Zoning traces produced to assist the
application of access control locations.
o
Specialist Security Analysis completed as required, e.g. vehicle
dynamics assessment, initial blast analysis, screening &
detection.
1.06
Typical STRA Content
1.06.1
•
Vision
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 5 OF 31 1
Item No.
1.06.2
1.06.3
1.06.4
1.06.5
Description
•
•
•
•
Compliance
(Y/N)
o
Site (Status + Description + Location + Population Index).
o
Ranking Criteria.
o
NEOM Protection Groups.
o
Site Classification.
Problem Identification
o
Threat Overall Assessment.
o
Adversary Sequence Diagrams. (Attack Path Analysis and
Attack Path Characteristics)
o
Plan Review.
o
Asset Identification/Characterization worksheet.
o
Chemicals of Interest (as per Appendix A to Part 27 - DHS
Chemicals of Interest.
o
Asset/Attack Matrix. (Design Basis Threats per Asset)
o
User Profiles per Asset.
Problem Analysis – Data Collection.
o
Site Visits, interviews and surveys, as appropriate.
o
Crime Statistics, including crime index. i.e. Type of Crime
[personnel, property], Time/Day [3-5 years before critical
incident & 2-3 miles area coverage].
o
Crime Forecasts (i.e. trends).
Problem Analysis – Data Analysis.
o
Asset Target Value (ATV) - Terrorists Attractiveness.
o
Asset Target Value (ATV) - Economic Criminal Attractiveness.
o
Asset Target Value (ATV) - Non-Terrorism Violent Crime
Attractiveness.
o
Asset Target Value (ATV) - Subversives Attractiveness.
o
Asset Target Value (ATV) - Petty Crimes Attractiveness.
o
Asset Attractiveness Target Ranking worksheets.
o
Demographic (i.e Housing, Age category and Income
level/category [renting, owner]).
o
GIS.
o
Time Series.
o
Social Analysis / Asset Mapping.
o
Asset Surveillance Opportunity Matrix.
o
Asset Vulnerability Matrix.
o
Co-Planning.
o
Design Charettes.
o
Search Conference.
o
Risk Matrix.
Strategy.
o
Vulnerability Assessment.
o
Risk Evaluation.
o
Risk Treatment Strategy.
o
Residual Risk Matrix.
o
Recommendations of countermeasures.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 6 OF 31 1
Item No.
Description
Compliance
(Y/N)
o
Security Concept of Operations.
o
Security Components compliance summary.
o
Phasing.
Part 2
NEOM Stage – 2A and 2B Drawings
2.01
An Overview drawing identifying:
2.02
•
Facility location.
•
All adjacent facilities and infrastructure bordering the facility.
•
Adjacent public parking or vehicle accessible areas.
•
Consequence assessment of adjacent facility influences on the site.
•
Facility Layout drawing(s) showing:
o
Site zoning.
o
Boundaries and associated security treatments.
o
External and internal security patrol roads including connections
to the facility road system as included.
o
All gates showing approach roads including connections to the
facility road system. (Drawing shall indicate gate dimensions).
o
Perimeter penetrations/crossings (underground, above ground
[i.e. buried, over the fence or through the fence]) and their
purpose.
o
Critical assets identified in the STRA.
Part 3
NEOM Stage - 3A Conceptual Design Document
3.01
•
Conceptual Design Document shall contain the following items:
o
Project Overview & Site/Facility Description.
o
Summary from the STRA, Critical Assets, NEOM Security
Protection Group & Physical Security Recommendations.
o
A site specific conceptual description of the Physical Security
design and security infrastructure.
o
A site specific conceptual description of the security systems
required for the security design of the facility. (i.e. Monitoring
locations and periods [24 X 7], space requirements, and
hardware requirements).
o
Specific security countermeasures for areas where compliance
cannot be achieved as identified in the STRA.
Part 4
NEOM Stage - 3A & 3B Drawings
4.01
•
Facility Layout Drawing(s) to show:
o
All security infrastructure and device locations.
o
Intrusion Detection systems installed around the perimeter,
including alarm zones.
o
All security system equipment, locations and physical layouts.
o
Security lighting layouts and illumination levels (Perimeter &
Check Point Lighting).
o
Gate Layout and Design. This covers all gates at the facility.
Each gate shall be submitted in a separate drawing set.
o
Power sources and backup power services to all security
facilities.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 7 OF 31 1
Item No.
Description
4.02
•
4.03
4.04
•
•
Compliance
(Y/N)
Perimeter Fence Drawings showing:
o
Elevation views, clearances, and fence crossing details.
o
Perimeter penetrations.
o
All cameras monitoring fence crossings.
System Drawings showing:
o
VSS cameras, analytics and Field of View.
o
Access control system layout.
o
Intrusion detection system layout.
o
Gate security layout and equipment.
o
Building security equipment.
o
SCR layout.
o
Network topology and major network devices.
o
Security communication system layout (Radio & Telephone
only).
o
Single line diagram: power supply for security equipment
(primary, alternate, UPS and emergency power generator).
Security Systems and Device information in a schedule to show:
o
Security components/device type.
o
Security components/device manufacturer.
o
Security component/device model number.
o
Security compliance (Yes/No) for security components.
Part 5
NEOM Stage - 3B Documentation
5.01
General Requirements
5.01.1
•
•
Basis of Design document including:
o
A general description of the facility/site and the project overview.
o
General design criteria and specifications including any
integration requirements.
o
Detailed requirements for the engineering design basis of the
security system.
Security Concept of Operations.
5.02
Physical Security Infrastructure Document
5.02.1
The PSI is based on the Conceptual Design Document.
It shall provide a description for each element of the physical security
infrastructure and physical security measures together with the human
interface and procedures required to provide the security system and
organization for facility protection.
This section shall include the design requirements (Functional
requirements, Performance Requirements, and Capacity requirements),
specifications and operational objectives of the sub-systems and
components.
5.03
System Design Document
5.03.1
Security Systems design document is based on the Conceptual Design
Document.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 8 OF 31 1
Item No.
Description
Compliance
(Y/N)
It shall provide a description of the security systems required
(electronic/technical components) for the security design.
It shall provide an overview of the Security Systems terminating in the
SCR and integrated into the SCR environment.
The section shall include a description of each system, sub-system and
provide a layout of all the elements and components in the SCR. This
section shall include the design requirements (Functional requirements,
Performance Requirements, and Capacity requirements), specifications
and operational objectives of the sub-systems and components.
5.04
Scope of Work (SoW)
5.04.1
•
A detailed Scope of Work (SoW) shall be included to provide a clear
understanding on what the security project will consist of and all the
construction, installation and integration of security infrastructure and
security systems required for the project that will be carried out by
the Security Contractor.
•
This section shall provide an overview of the concept of security for
the site including all elements.
5.05
Equipment Identification Schedule
5.05.1
•
Part 6
NEOM Stage - 3C Deliverables
6.01
General Requirements
6.01.1
•
Security Consultant review report of the detail design documentation,
identifying any vulnerabilities.
•
Basis of Design document.
•
Detailed project description and SoW document.
•
Equipment Schedules.
All equipment and components required for the security system shall
be summarized in an Equipment Schedule.
6.02
System Design Document
6.02.1
•
Detailed SCR design documentation.
•
SCR system and network architecture description.
•
Function description, main requirements, architectural description
and technical description for each system and sub-system.
•
Integration Schedule.
•
Overview of the Security Systems terminating in the SCR and
integrated into the SCR environment.
•
Design requirements, specifications and operational objectives of the
sub-systems.
6.03
Physical Security Infrastructure Document
6.03.1
•
Detailed PSI design documentation, the detail design parameters,
specifications and requirements for each building/element or
equipment for the PSI.
•
Detailed Design drawings for the construction of all security
buildings, such as gatehouses, search facilities, security SCR and
security partitions within buildings.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 9 OF 31 1
Item No.
Description
Compliance
(Y/N)
•
Design parameters for the buildings.
•
Details of any blast and ballistic performance, and the certification
method.
•
A description for each element of the physical security infrastructure
and physical security measures together with the human interface
and procedures required to provide the security system and
organization for facility protection.
6.04
Security Fencing
6.04.1
•
Specifications, calculations and design document for installation of
fencing systems considering the specific soil conditions.
•
Site Perimeter Layout drawing including fence detail suitable for
procurement and installation.
•
Detailed Design drawings for where impact rated vehicle security
barriers are included.
•
Certificates for anti-vehicle barriers, and anti-personnel fences as
applicable.
•
Detailed Design drawings for construction & patrol road layout.
•
Detailed Design drawings for the construction and installation of the
facility perimeter fencing and all other fences described in the PD.
•
Detailed Design drawings for each fence penetration in the facility
perimeter.
•
Detailed Design drawings for the layout and installation of all
emergency gates and heavy equipment gates.
•
Material data sheets and specifications. (and certificates; where
applicable).
•
Detailed Design drawings for Temporary fences and demolitions
along the fences. This will include any phasing diagrams.
6.05
Security Gates
6.05.1
•
Specifications, calculations and design document for layout and
installation of each facility gate.
•
Detailed Design drawings for the layout and installation of all security
equipment, security devices, and components at each gate and in
the gatehouse/search facility.
•
Material data sheets and specifications. (Certificates; where
applicable).
•
Certificate for the crash rated road blockers and bollards.
6.06
Security Lighting
6.06.1
•
Specifications and design document for perimeter security lighting,
each check point/gate lighting and area security lighting.
•
Security lighting calculations & computer plotter prints for all
perimeter, check point/gate and area security.
•
Detailed Design and Installation drawings for the installation of the
facility perimeter security lighting and each check point/gate lighting.
•
Material data sheets and specifications. (and certificates; where
applicable).
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 0 OF 31 1
Item No.
Description
Compliance
(Y/N)
6.07
Security Control Room
6.07.1
•
Detail Design drawing for the construction of the SCR with detail
design parameters & specification documents.
•
SCR layout.
•
Detailed list of systems & functions integrated into the SCR.
•
Details about Integration software at SCR.
•
Material and equipment data sheets & specifications. (and
certificates; where applicable).
•
Security operator requirements.
6.08
Intrusion Detection System
6.08.1
•
Detailed Design and Installation drawings for the layout and
installation of the Perimeter Intrusion Detection systems.
•
Detailed Design and Installation drawings for the layout and
installation of the perimeter camera surveillance and video analytics.
•
Building level intruder detection systems layout and installation
drawings.
•
Camera Field of View/Lens Calculations.
•
Material and equipment data sheets & specifications (and
certificates; where applicable).
6.09
Access Control System
6.09.1
•
Detailed Design & Installation drawings for the layout and installation
of the electronic Access Control System.
•
Material and equipment data sheets & specifications. (and
certificates; where applicable).
6.10
Video Surveillance System and Video Analytics
6.10.1
•
Detailed Design and Installation drawings for the layout and
installation of the Video Assessment & surveillance CCTV camera
systems.
•
Camera Field of View/Lens Calculation.
•
Material and equipment data sheets and specifications. (Certificates;
where applicable).
6.11
Data Networks & Communications
6.11.1
•
•
For Data Network:
o
SECNET topology & capacity.
o
Network interface equipment.
o
Connection to facility backbone.
o
Cabling overview & drawings for the gatehouse, SCR, ACS, IDS
and VSS locations.
o
Perimeter IDS & VSS interface and cabling.
For Communications:
o
All Gatehouse wired & wireless communications.
o
SCR wired and radio communications.
o
Radio equipment list (fixed, mobile, vehicle mounted).
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 1 OF 31 1
Item No.
Description
o
Compliance
(Y/N)
Radio coverage map.
•
VSS storage calculations.
•
Network Bandwidth Calculation.
6.12
Power Supply
6.12.1
•
Detailed Design & Installation drawings for:
o
The Emergency Power Supply.
o
The UPS system.
•
Power and UPS calculations.
•
Material and equipment data sheets and specifications (and
certificates; where applicable).
6.13
Testing Plans
6.13.1
•
Pre-delivery or Factory Acceptance Test (FAT).
•
Site Acceptance Tests (SAT).
•
Reliability or Operational Availability Testing (OAT).
•
After-acceptance test (After-implementation testing).
•
Closeout Activities (a list of activities or work to be accomplished is
derived from the PPS).
Part 7
NEOM Stage – 3D
•
Nil.
Part 8
NEOM Stage – 4A
8.01
Training
8.01.1
•
Facilitate the training program.
•
Evaluate the training program.
•
Training Lessons Learned (what training was conducted, by whom,
and when, keep a sign-in sheet of who attended the training).
•
Develop follow-up training requirements as applicable.
8.02
Pre-delivery or Factory Acceptance Test (FAT)
8.02.1
•
Conduct FAT(s).
•
FAT(s) data/result.
•
FAT(s) punch list for correction (corrective items).
8.03
Site Acceptance Tests (SAT)
8.03.1
•
Conduct SAT(s).
•
SAT(s) data/result.
•
SAT(s) punch list for correction (corrective items).
8.04
Maintenance
8.04.1
•
Define maintenance contract or in house capability requirements.
•
Develop Guides for:
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 2 OF 31 1
Item No.
Description
Compliance
(Y/N)
o
Trouble shooting.
o
Hardware maintenance.
o
Software installation and maintenance.
8.05
Reliability or Operational Availability Testing (OAT)
8.05.1
•
Conduct OAT(s); Testing the system to demonstrate its effectiveness
and reliability.
•
OAT(s) data/result.
•
OAT(s) punch list for correction (corrective items).
8.06
Warranty: 1 year minimum after commissioning
8.06.1
•
Part 9
NEOM Stage - 4B
9.01
After-acceptance test (After-implementation testing)
9.01.1
•
Conduct After-acceptance test(s).
•
After-acceptance test(s) data/result.
•
After-acceptance test(s) punch list for correction (corrective items).
Warranty Schedule (i.e which items are covered by the manufacturer
and which component is covered by the integrator) and how?
9.02
Warranty
9.02.1
•
Review of warranty conditions and activities.
•
Define warranty providers.
Part 10
Transmittal
10.01
Designer shall prepare relevant design submissions in-line with stage
requirements.
10.02
•
Once the draft STAGE package has incorporated all NEOM
comments and required edits, the designer shall provide NEOM
copies of STAGE package that will include:
o
Electronically submitted finalized Stage documents in MS Word
format (version 2013 or later) and in pdf format, using the NEOM
Report Template (soft copy available upon request).
o
Legible drawings, minimum size shall be a minimum of ISO A1
or larger.
Part 11
Consultant/Contractor Compliance
11.01
All Security engineering documents and studies must be at all times
marked as CONFIDENTIAL.
11.02
Stakeholder coordination undertaken at each relevant stage.
11.03
Quality review undertaken at each design stage prior to submission for
approval.
11.04
•
Reviews submitted on the NEOM Template for official review to
receive, address, and successfully incorporate comments by NEOM.
•
All comments are to be tracked in a design matrix and only be closed
once NEOM are satisfied.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 3 OF 31 1
Item No.
Description
11.05
•
Compliance
(Y/N)
Proponent, NEOM PSD, other designers comments incorporated at
each design stage.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 4 OF 31 1
Matrix 1 – Standard Design Route
Each design submission will be accompanied by a BIM model and GIS files developed to the level specified in NEOM’s Technical Procedure reference NEOM-NEN-PRC-009 (GIS & BIM Procedure) at the end of each design stage. The
proponent is responsible for deliverables under Security Consultant and Security Contractor.
Stage
Description
NEOM Public Safety Department
Proponent
S1
Strategic Definition
•
NEOM Security Standard issued.
•
•
Initial Security Requirements issued.
Develop Security Vision and Strategy for the
Development that is aligned with both the
NEOM Security Strategy and the Vision and
Strategic Objectives for the Development.
•
Confirm Protection Group and
Industrial/Non-Industrial Status.
•
Determine the type of the facility.
•
•
Propose the Protection Group in
consultation with the Security Consultant.
Draft Regional STRA Report (refer to NEOM
Security Compliance List).
•
Draft Regional Drawings (refer to NEOM Security
Compliance List).
•
Draft Regional Security Manual Contents and
Format.
•
Final Regional STRA Report (refer to NEOM
Security Compliance List).
•
Final Regional Drawings (refer to NEOM Security
Compliance List).
•
Final Regional Security Manual Contents and
Format.
•
Draft Public Safety Initial Asset Brief.
S2
Concept Master Plan (2A)
Detailed Master Plan (2B)
•
Determine additional stakeholders as
required.
•
Security Consultant
Security spatial requirements coordinated
with masterplan designer.
Security Contractor
(If applicable)
Initial Asset Brief (2C)
•
Final Public Safety Initial Asset Brief.
•
(If applicable)
Submit Development Assets for Public
Safety to confirm asset compliance.
End of Stage
S3
Concept Design (3A)
Developed Design (3B)
•
•
Design coordination facilitated across all
disciplines.
Design coordination facilitated across all
disciplines.
DOCUMENT CODE : NEOM-NSE-PRC-001
•
Final version of all deliverables for this stage
collated into a single report.
•
Design Comments Log created.
•
Develop Deliverables from previous stages.
•
Asset STRA Report (refer to NEOM Security
Compliance List).
•
Asset Security Manual Contents and Format.
•
Concept Of Design (COD): Conceptual Design
Document and Drawings (refer to NEOM
Security Compliance List).
•
Incorporate all requirements from the Protection
Group.
•
Design Comments Log updated.
•
Further develop Deliverables from previous
stages
•
Developed Design: Documents and Drawings
(refer to NEOM Security Compliance List)
•
Early tender package development
•
Draft Security Manual
•
Update Design Comments Log
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 5 OF 31 1
Stage
Description
NEOM Public Safety Department
Detailed Design (3C)
Proponent
Security Consultant
Security Contractor
•
•
Review Detailed Design:
If Contractor led Detailed Design:
o
Documents and Drawings.
•
o
Equipment selection (refer to NEOM
Security Compliance List).
Further develop Deliverables from previous
stages.
•
Detailed Design:
•
Tendering Stage & IFC (3D)
•
Tender documents and drawings
providing sufficient detail for contractor
pricing and scope of work to be clearly
understood.
Final coordination of design with other
disciplines.
Tender Stage support to NEOM.
If Consultant led Detailed Design then ‘Security
Contractor’ requirements remain with the Security
Consultant.
S4
Mobilisation & Construction (4A)
•
Testing Plans (refer to NEOM Security
Compliance List).
•
•
Refinement of design information as required to
be Issued For Construction (IFC).
Tender Stage support to NEOM.
Approval of documentation for Stages 1 - 3 is
required prior to the construction, procurement or
installation of any new security equipment, system or
security infrastructure.
Testing, Commissioning,
Handover and Close-Out(4B)
•
Collated Detailed Design and IFC information
•
Collated Detailed Design and IFC information
•
Compliance to Annex C requirements for the
construction sites.
•
Installation of security infrastructure and systems
compliant with IFC information.
•
FAT(s) (refer to NEOM Security Compliance
List).
•
SAT(s) (refer to NEOM Security Compliance
List).
•
Refine Operational Policies and Procedures.
•
Maintenance preparation (refer to NEOM
Security Compliance List).
•
Record, with authorizations any design variance
and alterations.
•
As-built drawings/documents.
•
Final Product/Equipment data.
•
Final Security Manual.
•
Training (refer to NEOM Security Compliance
List).
•
OAT(s) (refer to NEOM Security Compliance
List).
•
Warranty documentation preparation (refer to
NEOM Security Compliance List).
•
Review Security Manual.
•
Evaluate/Approve records of evidence of
Factory and Site Testing.
•
Monitor Training.
•
Monitor Testing.
•
Review O & M manuals.
•
Review As-built drawings
•
Review Product/Equipment data.
•
Evaluate/Approve records of evidence of
Reliability or Operational Availability
Testing.
•
Review Warranty documentation.
•
Audit Compliance at construction sites.
•
•
Evaluate/Approve records of evidence of
After-acceptance test (Afterimplementation testing).
Approve snagging items.
DOCUMENT CODE : NEOM-NSE-PRC-001
•
Monitor Testing.
•
Monitor Commissioning.
•
Monitor Security Manual implementation.
•
Monitor Training.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
Equipment selection (refer to NEOM
Security Compliance List).
Security Manual further refined.
Attend Security Operator Training.
Review maintenance Contract.
o
•
•
•
Documents and Drawings.
Approval of documentation for Stages 1 - 3 is
required prior to the construction, procurement or
installation of any new security equipment, system or
security infrastructure.
If Consultant led Detailed Design then `Security
Contractor' requirements remain with the Security
Consultant.
End of Stage
o
Approval of Stage 4 documentation is required during
the commissioning stage of the security system but
prior to declaring the facility operational.
•
Ensure test and handover scripts are prepared
and approved.
PAG E 3 6 OF 31 1
Stage
S5
Description
Operation & Maintenance
NEOM Public Safety Department
Proponent
Security Consultant
Security Contractor
•
Evaluate design variance and alterations.
•
Review early O&M manuals.
•
Complete all testing activities.
•
Audit completion of security system
installation (Witness commissioning).
•
Evidence of witnessing at commissioning.
•
Resolve all issues identified in the punch lists.
•
Record of evidence of all testing activities.
•
Witness handover.
•
Compliance certificate for the required testing
plans, and test contents.
•
Complete As-Built drawings/documents/tables
from previous Stages.
•
Lesson learned documentation.
•
System Commissioning.
•
Operational Readiness Certification (ORC)
•
Security Compliance Certification for the
construction, installation and commissioning of
all security infrastructure, systems and
components implemented by the project.
•
Warranty Agreements/ Certificates (refer to
NEOM Security Compliance List).
•
Security Equipment Training.
•
Collation of Snagging Items.
•
Final acceptance & sign-off on the project as
work completed (Project completion certificate).
•
Handing over of the security system for
operational use to the Facility Operator.
•
Evidence of witnessing at Handover.
Operation:
•
Compliance to Annex C if an interim facility.
•
Compliance to the Security Manual.
•
Post-acceptance test (refer to NEOM
Security Compliance List).
•
Development of service contracts.
•
Manage warranty plans.
•
Detailed record keeping of Operating costs.
•
Review of operations logs and records.
Maintenance:
•
Maintenance contract and service level
agreement.
•
Detailed record keeping of Maintenance.
•
Detailed record keeping of fault reporting.
•
Upgrades.
•
System completed its useful life.
Evaluation:
•
Lesson learned.
•
Detailed record keeping of ideas for
enhancement.
•
Lifecycle planning.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 7 OF 31 1
Matrix 2 – Fast Track Design Route
Each design submission will be accompanied by a BIM model and GIS files developed to the level specified in NEOM’s Technical Procedure reference NEOM-NEN-PRC-009 (GIS & BIM Procedure) at the end of each design stage. The proponent is responsible
for deliverables under Security Consultant and Security Contractor.
Stage
Description
NEOM Public Safety Department
Proponent
S1
Strategic Definition
•
•
Develop Security Vision and Strategy for
the Development that is aligned with
both the NEOM Security Strategy and
the Vision and Strategic Objectives for
the Development.
S2
Concept Master Plan (2A)
•
Determine the type of the facility.
Detailed Master Plan (2B)
•
Propose the Protection Group in
consultation with the Security
Consultant.
•
Submit Development Assets for Public
Safety to confirm asset compliance.
•
Design coordination facilitated across all
disciplines.
•
STRA Report (refer to NEOM Security
Compliance List).
•
Implement minimum security standards
through design.
•
Security Manual Contents and Format.
•
Concept Of Design (COD): Conceptual
Design Document and Drawings (refer to
NEOM Security Compliance List).
•
Incorporate all requirements from the
Protection Group.
•
Design Comments Log updated.
•
Review Detailed Design:
If Contractor led Detailed Design:
o
Documents and Drawings.
•
o
Equipment selection (refer to NEOM
Security Compliance List).
Further develop Deliverables from
previous stages.
•
Detailed Design:
NEOM Security Standard issued.
Initial Asset Brief (2C)
End of Stage
S3
Concept Design (3A)
Developed Design (3B)
•
Agree minimum security requirements
Security Contractor
Developed and Detailed Design Stages combined into a single design stage
•
Detailed Design (3C)
•
Tendering Stage & IFC (3D)
Security Consultant
•
Tender documents and drawings
providing sufficient detail for contractor
pricing and scope of work to be clearly
understood.
Final coordination of design with other
disciplines.
Tender Stage support to NEOM
End of Design Stage
DOCUMENT CODE : NEOM-NSE-PRC-001
If Consultant led Detailed Design then
‘Security Contractor’ requirements remain
with the Security Consultant
Documents and Drawings.
o
Equipment selection (refer to NEOM
Security Compliance List).
•
Security Manual further refined.
Approval of documentation for Stages 1 - 3 is
required prior to the construction,
procurement or installation of any new
security equipment, system or security
infrastructure
•
Testing Plans (refer to NEOM Security
Compliance List).
•
Tender Stage support to NEOM.
•
•
If Consultant led Detailed Design then
`Security Contractor' requirements
remain with the Security Consultant.
Refinement of design information as
required to be Issued For Construction
(IFC).
•
Collated Detailed Design and IFC
information.
•
Collated Detailed Design and IFC
information.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
o
Approval of documentation for Stages 1 - 3 is
required prior to the construction, procurement
or installation of any new security equipment,
system or security infrastructure
PAG E 3 8 OF 31 1
Stage
Description
NEOM Public Safety Department
S4
Mobilisation & Construction (4A)
•
•
Testing, Commissioning, Handover and Close-Out
(4B)
Security Consultant
Security Contractor
Attend Security Operator Training.
•
Review Security Manual.
•
Evaluate/Approve records of evidence of
Factory and Site Testing.
•
Monitor Training.
Compliance to Annex C requirements for
the construction sites.
•
Monitor Testing.
•
Installation of security infrastructure and
systems compliant with IFC information.
•
FAT(s) (refer to NEOM Security
Compliance List).
•
SAT(s) (refer to NEOM Security
Compliance List).
•
Refine Operational Policies and
Procedures.
•
Maintenance preparation (refer to NEOM
Security Compliance List).
•
Record, with authorizations any design
variance and alterations.
•
As-built drawings/documents.
•
Final Product/Equipment data.
•
Final Security Manual.
•
Training (refer to NEOM Security
Compliance List).
•
OAT(s) (refer to NEOM Security
Compliance List).
•
Warranty documentation preparation (refer
to NEOM Security Compliance List).
•
Review maintenance Contract.
•
Review O & M manuals.
•
Review As-built drawings
•
Review Product/Equipment data.
•
Evaluate/Approve records of evidence of
Reliability or Operational Availability
Testing.
•
Review Warranty documentation.
•
Audit Compliance at construction sites.
•
Proponent
Evaluate/Approve records of evidence of
After-acceptance test (Afterimplementation testing).
•
Monitor Testing.
•
Monitor Commissioning.
•
Monitor Security Manual
implementation.
•
Approve snagging items.
•
Evaluate design variance and
alterations.
•
Monitor Training.
•
Audit completion of security system
installation (Witness commissioning).
•
•
•
Witness handover.
DOCUMENT CODE : NEOM-NSE-PRC-001
•
Ensure test and handover scripts are
prepared and approved.
Review early O&M manuals.
•
Complete all testing activities.
Evidence of witnessing at commissioning
•
Resolve all issues identified in the punch
lists.
•
Record of evidence of all testing activities.
•
Compliance certificate for the required
testing plans, and test contents.
•
Complete As-Built
drawings/documents/tables from previous
Stages.
•
Lesson learned documentation.
•
System Commissioning.
•
Operational Readiness Certification
(ORC).
•
Security Compliance Certification for the
construction, installation and
commissioning of all security
infrastructure, systems and components
implemented by the project.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
Approval of Stage 4 documentation is
required during the commissioning stage of
the security system but prior to declaring
the facility operational.
PAG E 3 9 OF 31 1
Stage
S5
Description
Operation & Maintenance
NEOM Public Safety Department
Nil.
Proponent
Security Consultant
Operation:
Nil.
•
Compliance to Annex C if an interim
facility.
•
Compliance to the Security Manual.
•
Post-acceptance test (refer to NEOM
Security Compliance List).
•
Development of service contracts.
•
Manage warranty plans.
•
Detailed record keeping of Operating
costs.
•
Review of operations logs and records.
Security Contractor
•
Warranty Agreements/ Certificates (refer to
NEOM Security Compliance List).
•
Security Equipment Training.
•
Collation of Snagging Items.
•
Final acceptance & sign-off on the project
as work completed (Project completion
certificate).
•
Handing over of the security system for
operational use to the Facility Operator.
•
Evidence of witnessing at Handover.
Nil.
Maintenance:
•
Maintenance contract and service level
agreement.
•
Detailed record keeping of Maintenance.
•
Detailed record keeping of fault
reporting.
•
Upgrades.
•
System completed its useful life.
Evaluation:
•
Lesson learned.
•
Detailed record keeping of ideas for
enhancement.
•
Lifecycle planning.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 0 OF 31 1
5
Minimum Security Requirements
The following table matrices set out the minimum-security requirements expected for Industrial and Non-Industrial sites. It clearly sets out the minimum expected standards for security provision at each designated protection group;
Baseline, Enhanced and Restricted. For security elements, auxiliary systems shall be designed in compliance with BRA/QRA.
Non-Industrial Security Functional Requirements
Non-Industrial
Ref
Security Elements
A1
VSS & Video
Analytics
Baseline
Enhanced
Restricted
1.
Publicly accessible spaces shall be covered by camera surveillance
to an Observation resolution (62ppm).
1.
All entry points are to be covered by visual surveillance cameras
with a Recognition (125ppm) level of coverage.
1.
All entry points are to be covered by visual surveillance cameras
with a Recognition (125ppm) level of coverage.
2.
Multi-tenanted/occupancy buildings shall incorporate camera
surveillance to an Observation resolution (62ppm) in all corridors
and circulation spaces.
2.
Main pedestrian access points are to be covered by camera
surveillance to an Identification resolution (250ppm).
2.
Main pedestrian access points are to be covered by camera
surveillance to an Identification resolution (250ppm).
3.
Only utilised where another function is required (i.e. people
counting, IDS).
BOH / FOH Transition points shall be covered by camera
surveillance to a Recognition (125ppm) level of coverage.
3.
3.
BOH / FOH Transition points shall be covered by camera
surveillance to a Recognition (125ppm) level of coverage.
4.
Publicly accessible spaces shall be covered by camera surveillance
to an Observation resolution (62ppm).
4.
Publicly accessible spaces shall be covered by camera surveillance
to an Observation resolution (62ppm).
5.
Motion detection at the edge should be utilised to optimise recording
levels, with motion treated as being a trigger for recording rates.
5.
(Edge refers to capability/processing completed at the sensor rather than
at the main interface/processing unit.)
All lobby areas, restricted area, key points, and high value asset
storage to be covered by camera surveillance to a Recognition
(125ppm) level of coverage.
6.
Additional coverage requirements around each individual site should be
informed by the Security Design and site specific STRA, but will include:
Motion detection at the edge should be utilised to optimise recording
levels, with motion treated as being a trigger for recording rates.
7.
Specific sterile zones will be established within the facilities and
these should be covered by suitable analytics.
Key constriction points to utilise facial recognition at all facilities.
1.
Entrance and exit areas of sites including emergency exits.
2.
Entrance and exits of all the roads, street and walk ways.
8.
3.
Vehicle parking entrance and parking area.
4.
Control and equipment room of proposed system.
Additional coverage requirements around each individual site should be
informed by the Security Design and site specific STRA.
5.
All passenger's drop off and pickup areas.
6.
Reception / customer service and waiting area.
7.
Water / fuel tanks refuelling points, main utility room entrances
(electrical, lifts, mechanical, and communication rooms).
8.
Goods loading and unloading areas.
9.
Entrance of public toilet.
10. Entrance of Mosque and government institution.
11. Around the outer fence of the area with 100% coverage to enable
intrusion detection.
A2
Other Surveillance
Systems


A3
ACS
1.
Access control required based upon Single-Factor Authentication.
1.
2.
Location, authentication type etc should be detailed in the design
process.
3.
All access control systems will incorporate an identity token
management system for both digital and physical tokens.
1.
Linkage to radar detection systems to provide tracking capability if
wide area surveillance is identified as a requirement during the
STRA process.
Access control required based upon Single-Factor Authentication.
1.
Access control required based upon Dual-Factor Authentication.
2.
Location, authentication type etc should be detailed in the design
process.
2.
Location, authentication type etc should be detailed in the design
process.
3.
All access control systems will incorporate an identity token
management system for both digital and physical tokens.
3.
All access control systems will incorporate an identity token
management system for both digital and physical tokens.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 1 OF 31 1
Non-Industrial
A4
IDS
Applied to individual secure units and high importance areas.
A single technology approach should be adopted.
Intruder detection to be possible through forced entry of any door that is
access controlled or strong situational awareness with proactive
monitoring at the perimeter of the site.
For any critical areas, a single technology-based detection with
verification cameras will be utilised.
Intruder detection to be possible through forced entry of any door that is
access controlled, supported with camera verification.
For critical areas, dual technology detection with verification cameras to
be utilised.
The perimeter IDS shall utilise dual-technology detection with cameras
systems with analytics.
A5
Duress Alarms
Only required where it is a multi-occupancy building.
Static panic alarms to be provided at key points within the building
layouts (i.e. reception).
Static panic alarms are to be provided at key points throughout the
facility to allow duress situations to be alerted.
A6
Security Lighting
1.
1.
Lighting should be provided to support security infrastructure, safety
and movement.
1.
Lighting should be provided to support security infrastructure, safety
and movement.
2.
VSS Cameras to incorporate IR illumination.
2.
VSS Cameras to incorporate IR illumination.
3.
For facilities with a fixed perimeter, visible illumination of the
perimeter is to be provided during the hours of darkness. This
illumination zone is a strip of 2.0m outward and inward of the
perimeter barrier.
Lighting should be provided to support security infrastructure, safety
and movement.
A7
Cyber Security
See Cyber Security Section (ref: NEOM Standard)
A8
Perimeter Security
(Site / Building)
1.
Territorial demarcation should be provided through ‘green’ planted
barriers to movement. CPTED guidance should be applied.
1.
Territorial demarcation should be provided through ‘green’ planted
barriers to movement. CPTED guidance should be applied.
1.
Territorial demarcation should be provided through ‘green’ planted
barriers to movement. CPTED guidance should be applied.
2.
Where a secured perimeter is required:
2.
Where a secured perimeter is required:
2.
Where a secured perimeter is required:
3.
See Cyber Security Section (ref: NEOM Standard)
•
A fence line should be installed providing a minimum height of
3.0m.
•
A fence line should be installed providing a minimum height of
3.0m.
•
A fence line should be installed providing a minimum height of
3.0m.
•
Lighting should support safe movement and security activity.
•
Vehicle Barrier with single factor access control and video
intercom, if required by type of facility.
•
Vehicle Barrier with single factor access control and video
intercom.
•
Pedestrian gate with single factor access control and video
intercom, if required by the type of facility.
•
Pedestrian gate with single factor access control and video
intercom.
•
Lighting should support safe movement and security activity.
•
Lighting should support safe movement and security activity.
•
Provide a stable structure that is capable of hosting a PID
system.
•
Provide a stable structure that is capable of hosting a PID
system.
If provided by the building exterior:
•
Walls, windows, grilles, and doors to provide a minimum level of
delay equivalent to LPS 1175 A1.
3.
If provided by the building exterior:
•
A9
Vehicle Security
Barriers

See Cyber Security Section (ref: NEOM Standard)
3.
•
Walls, windows, grilles, and doors to provide a minimum level of
delay equivalent to LPS 1175 A1.
The building and its associated landscaping should be designed to deny
vehicle paths close to the building and towards vulnerable entrances and
facades. Where possible, a 20.0m stand-off should be achieved.
If provided by the building exterior:
Walls, windows, grilles, and doors to provide a minimum level of
delay equivalent to LPS 1175 B3.
All facilities will be landscaped and utilise suitable Vehicle Security
Barriers at entrance points and perimeter to prevent unauthorised
vehicle entry. These VSBs shall be selected from IWA 14 or equivalent
approved products.
All selected VSBs shall meet the vehicle impact requirements
determined by the Vehicle Dynamics Assessment.
Any landscaping measures utilised, shall conform to the required
dimensions to prevent vehicle entry or encroachment.
A10
C-UAS


DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
1.
All drones should be subject to a strict no-fly zone, unless
specifically used as part of the facility operational plan.
2.
Each site will have a DTI system as standard. E based systems will
be employed based on a specific need and safe area to operate.
3.
All sensitive areas should be screened to prevent data extraction
using a UAS, this also includes roof areas.
PAG E 4 2 OF 31 1
Non-Industrial
4.
A11
Blast Protection

Sensitive information processing should be done at a location in the
buildings that prevent direct line of sight, and other directional
information gathering from occurring.
Materials, fixtures, and fittings within public areas not accessible by
vehicle should be constructed to withstand the equivalence of 15kg TNT
at a distance of 6.0m with no secondary fragments projected further then
10.0m from the seat of the explosion.
Materials, fixtures, and fittings within public areas not accessible by
vehicle should be constructed to withstand the equivalence of 15kg TNT
at a distance of 6.0m with no secondary fragments projected further then
10.0m from the seat of the explosion.
Where achievable a minimum 20.0m stand-off should be achieved from
the building fabric for vehicles. Where this is not possible, the effects of
blast shall be considered with the stand-off which is achievable.
Where achievable a minimum 20.0m stand-off should be achieved from
the building fabric for vehicles. Where this is not possible, the effects of
blast shall be considered with the stand-off which is achievable.
Buildings should be designed to avoid progressive collapse of the
primary structure caused by 100kg TNT equivalent at 20.0m stand-off.
This can be achieved through stand-off distance, building hardening or a
combination of both. Calculations and/or modelling shall be completed
for the enforceable stand-off from the building.
Buildings should be designed to avoid progressive collapse of the
primary structure caused by 500kg TNT equivalent at 20.0m stand-off.
This can be achieved through stand-off distance, building hardening or a
combination of both. Calculations and/or modelling shall be completed
for the enforceable stand-off from the building.
The most severe damage mechanism, i.e. overpressure, impulse
loading, should be utilised.
The most severe damage mechanism, i.e. overpressure, impulse
loading, should be utilised.
For security elements which respond to impulse loading, the value of
impulse shall be taken from BRA or QRA.
Design teams should also consider improved protection of specific
critical rooms within the Restricted facility, such as:
•
Security Control Rooms.
•
Gate / Entry Posts.
•
Safe Rooms.
For security elements which respond to impulse loading, the value of
impulse shall be taken from BRA or QRA.
A12
Ballistic Protection


Ballistic protection should be provided at key areas within Restricted
facilities where the threat presents a higher likelihood and impact. It is
anticipated that this will be primarily the Security Control Rooms and
Gate / Entry Points, however the STRA may identify additional critical
areas that may require protection.
The protective measures at these points should be designed to provide
the following security ratings:
•
Provide baseline protection against BR/FB6 and SG2.
•
Adopt as a minimum both BS EN 1063 and BS EN 1522 standards.
A13
Security Doorsets
See Section A13.
See Section A13.
See Section A13.
A14
Security Glazing
See Section A14.
See Section A14.
See Section A14.
A15
Manual Lock
Security
1.
1.
1.
Keyless in-line with doorset requirements, off-line locks are usable
for low usage areas.
A16
Searching,
Screening and
Detection

1.
Infrastructure provision should be allowed within design to enable
100% of people to be processed.
2.
People screening to be conducted using Millimetric Wave Scanners
(MMW).
3.
Bag scanning to be conducted using either 3d X-Ray scanning or
CT scanning that does not require the removal of electronic and
other goods from bags. If the STRA indicates significant risk, then
screening of personnel and bags should be conducted in a
dedicated space or building designed to withstand the effects of
15kg TNT equivalent.
4.
For vehicle entrances, sufficient space should be allowed for to
undertake vehicle search. Screening of vehicles will be achieved
Keyless in-line with doorset requirements, off-line locks are usable
for low usage areas.
Keyless in-line with doorset requirements, off-line locks are usable
for low usage areas.

DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 3 OF 31 1
Non-Industrial
through the use of Under Vehicle Imaging System (UVIS) supported
by appropriate manual search (i.e. Explosive Trace Detection) as
required.
A17
Security Control
Room and
Monitoring Points
1.
The security system should be monitored in either an SCR or via a
formal monitoring point or security control point suitable for the type
of facility.
2.
Additional monitoring capability should be provided at an alternative
on-site location either through a dedicated interface or via a browser
application.
3.
A18
HVAC, Intakes and
Ducting

1.
The security system should be monitored in either an SCR or via a
security monitoring point suitable for the type of facility.
1.
A dedicated Security Control Room should be provided for each
Restricted level facility.
2.
Additional monitoring capability should be provided at any static
security control point, gatehouse or command and control centre.
2.
Additional monitoring capability should be provided at any static
security control point, gatehouse or command and control centre.
3.
To provide redundancy, an off-site monitoring solution may be
utilised.
3.
The sizing and operational requirements for the site-specific SCR
shall be determined as an outcome of the overall electronic security
design.
For all locations with external air intakes, these should be positioned at a
height greater than 4.0m or made inaccessible to uncontrolled areas.
1.
All intakes should be positioned in controlled areas that negate easy
access to unauthorised personnel and a minimum of 4.0m from FFL.
2.
Rapid close-down, flow reversal and other methods should be
features of the system.
3.
All air duct or air vent openings exceeding 8 x 12 in the rooftop or
exterior walls of any building shall be secured by means of:
The use of an off-site monitoring capability may be possible.
4.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
•
Iron bars of at least 0.5 inch diameter or flat steel bars of at
least 0.25 inch width, spaced no more than 5 inches and
securely fastened.
•
Grill of at least 8 inch steel and 2 inch mesh, if the barrier is on
the outside, it shall be secured with galvanized rounded head,
flush bolts of at least three 8 inch diameter.
Roof mounted intakes should be protected from UAS interference.
PAG E 4 4 OF 31 1
Industrial Security Functional Requirements
Industrial
Ref
Security Elements
Baseline
Enhanced
Restricted
B1
VSS and Video
Analytics
1.
Publicly accessible spaces shall be covered by camera
surveillance to an Observation resolution (62ppm).
1.
All entry points are to be covered by visual surveillance cameras with a
Recognition (125ppm) level of coverage.
1.
All entry points are to be covered by visual surveillance cameras with a
Recognition (125ppm) level of coverage.
2.
Only utilised where another function is required (i.e.
people counting, IDS).
2.
Main pedestrian access points are to be covered by camera surveillance
to an Identification resolution (250ppm).
2.
Main pedestrian access points are to be covered by camera surveillance to
an Identification resolution (250ppm).
3.
BOH/FOH Transition points shall be covered by camera surveillance to a
Recognition (125ppm) level of coverage.
3.
BOH/FOH Transition points shall be covered by camera surveillance to a
Recognition (125ppm) level of coverage.
4.
Publicly accessible spaces shall be covered by camera surveillance to an
Observation resolution (62ppm).
4.
Publicly accessible spaces shall be covered by camera surveillance to an
Observation resolution (62ppm).
5.
ALPR to be utilised at vehicle entrances onto site.
5.
6.
Perimeter to be covered by visual surveillance cameras with an
Observation resolution (62ppm) level of coverage.
All lobby areas, restricted area, key points, and high value asset storage to
be covered by camera surveillance to a Recognition (125ppm) level of
coverage.
7.
Perimeter to be covered by visual assessment PTZ cameras.
6.
ALPR to be utilised at vehicle entrances onto site.
8.
Motion detection at the edge should be utilised to optimise recording
levels, with motion treated as being a trigger for recording rates.
7.
Perimeter to be covered by visual surveillance cameras with an
Observation resolution (62ppm) level of coverage.
8.
Perimeter to be covered by visual assessment PTZ cameras.
9.
Motion detection at the edge should be utilised to optimise recording levels,
with motion treated as being a trigger for recording rates.
10. Specific sterile zones, covered by suitable analytics, will be established at
the perimeter and within the facilities.
11. Key constriction points to utilise facial recognition at all facilities.
B2
B3
B4
Other Surveillance
Systems
ACS
IDS

1.
Linkage to radar detection systems to provide tracking capability for wide
area surveillance is to be considered by the designer where:
1.
Linkage to radar detection systems to provide tracking capability for wide
area surveillance is to be considered by the designer where:
•
Coverage is beneficial and/or extended distances are required above
500m.
•
Coverage is beneficial and/or extended distances are required above
500m.
•
There is a requirement to identify and track multiple targets and/or
authorised vehicles or personnel. This would be achieved with a type
of AIS system.
•
There is a requirement to identify and track multiple targets and/or
authorised vehicles or personnel. This would be achieved with a type
of AIS system.
•
The coverage provided would be more cost-effective considering
supply, install, operational and integration costs.
•
The coverage provided would be more cost-effective considering
supply, install, operational and integration costs.
Critical Area(s):
Critical Area(s):
Critical Area(s)
1.
1.
1.
Dual Factor Authentication (1 Biometric) Read in /
Read out.
Dual Factor Authentication (1 Biometric) Read in / Read out.
Controlled Area(s):
Controlled / General Area:
2.
2.
3.
General Area(s):
Single Factor authentication.
All access control systems will incorporate an identity
token management system for both digital and
physical tokens.
Intruder detection to be possible through forced entry of
any door that is access controlled or strong situational
awareness with proactive monitoring at the perimeter of the
site.
Dual Factor Authentication (1 Biometric) Read in / Read out.
Dual Factor Authentication (1 Biometric + 1 Issued on-site only credential)
Read in / Read out.
Controlled Area(s)
2. Dual Factor Authentication (1 Biometric) Read in / Read out.
General Area(s)
3. Single Factor Authentication.
4. All access control systems will incorporate an identity token management
system for both digital and physical tokens.
3.
4.
Single Factor Authentication.
All access control systems will incorporate an identity token management
system for both digital and physical tokens.
Intruder detection to be possible through forced entry of any door that is
access controlled, supported with camera verification.
Intruder detection to be possible through forced entry of any door that is access
controlled, supported with camera verification.
For critical areas, dual technology detection with verification cameras to be
utilised.
For critical areas, dual technology detection with verification cameras to be
utilised.
For any critical areas, a single technology-based detection
with verification cameras will be utilised.
The perimeter shall incorporate IDS which utilises dual-technology detection
including cameras systems with analytics.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 5 OF 31 1
Industrial
B5
Duress Alarms
Only required where it is a multi-occupancy building.
Static panic alarms to be provided at key points within the building layouts (i.e.
reception).
Static panic alarms are to be provided at key points throughout the facility to
allow duress situations to be alerted.
B6
Security Lighting
1.
Lighting should support safe movement during the
operational hours of the facilities.
1.
Lighting should support safe movement during the operational hours of the
facilities.
1.
Lighting should support safe movement during the operational hours of the
facilities.
2.
VSS Cameras to incorporate IR illumination.
2.
VSS Cameras to incorporate IR illumination.
2.
VSS Cameras to incorporate IR illumination.
3.
For facilities with a fixed perimeter, visible illumination
of the perimeter is to be provided during the hours of
darkness. This illumination zone is a strip of 3.0m
outward and 2.0m inward of the perimeter barrier.
3.
For facilities with a fixed perimeter, visible illumination of the perimeter is
to be provided during the hours of darkness. This illumination zone is a
strip of 3.0m outward and 3.0m inward of the perimeter barrier.
3.
For facilities with a fixed perimeter, visible illumination of the perimeter is to
be provided during the hours of darkness. This illumination zone is a strip of
3.0m outward and 10.0m inward of the perimeter barrier.
B7
Cyber Security
See Cyber Security Section (ref: NEOM Standard)
See Cyber Security Section (ref: NEOM Standard)
See Cyber Security Section (ref: NEOM Standard)
B8
Perimeter Security
(Site / Building)
1.
1.
1.
2.
The external site perimeter shall meet the following:
External Clear Zone: Min. 3.0m width.
•
External Clear Zone: Min. 3.0m width.
•
External Clear Zone: 3.0m width.
•
Fence/Barrier: Min. 3.0m height.
•
Fence/Barrier: Min. 3.0m height.
•
Outer Fence: Min. 3.0m height.
•
Detection: On fence/barrier or internal if identified
through the STRA.
•
Detection: On fence/barrier or internal if identified through the STRA.
•
Detection Zone: 5.0m width.
•
VSS: Perimeter coverage / Min. images: 25ppm.
VSS: Continuous coverage / Min. images: 62ppm, with PTZ for
tracking.
•
•
VSS: Continuous coverage / Min. images: 62ppm, with PTZ tracking to
125ppm.
•
24hr capability required.
•
24hr capability required.
•
24hr capability required.
•
Internal Clear Zone: Min. 2.0m width, including the
detection zone if required.
•
Internal Clear Zone: Min. 3.0m width, including detection zone if
required.
•
Internal Clear Zone: 5.0m width.
•
Provide minimum overall delay of 10 mins as Section B9 details.
•
Provide minimum overall delay of 5 mins as
Section B9 details.
•
An internal barrier may be added
2.
•
Provide minimum overall delay of 10 mins as Section B9 details.
After the perimeter security lighting and before the internal patrol road, sign
postings defining the limit of the perimeter security internal clear zone shall be
installed at maximum intervals of 250 meters. The sign must include the text
“Security Zone - Entry for Authorized Persons Only”.
Signage
The sign shall be readable from both sides of the zone and
shall have reflective painting and readable day and night.
Vehicle Security
Barriers
The external site perimeter shall meet the following:
•
After the perimeter security lighting and before the internal
patrol road, sign postings defining the limit of the perimeter
security internal clear zone shall be installed at maximum
intervals of 250 meters. The sign must include the text
“Security Zone - Entry for Authorized Persons Only”.
B9
The external site perimeter shall meet the following:
Only if the requirement is identified via the STRA.
2.
Signage
After the perimeter security lighting and before the internal patrol road, sign
postings defining the limit of the perimeter security internal clear zone shall be
installed at maximum intervals of 250 meters. The sign must include the text
“Security Zone - Entry for Authorized Persons Only”.
Signage
The sign shall be readable from both sides of the zone and shall have reflective
painting and readable day and night.
The sign shall be readable from both sides of the zone and shall have
reflective painting and readable day and night.
The building and its associated landscaping should be designed to deny
vehicle paths close to critical assets and towards vulnerable entrances and
facades. Where possible, a 25.0m stand-off should be achieved to critical
assets.
A physical barrier may be added if identified through the STRA and approved
by NEOM PSD.
All facilities will be landscaped and utilise suitable Vehicle Security Barriers at
entrance points and perimeter to prevent unauthorised vehicle entry. These
VSBs shall be selected from IWA 14 or equivalent approved products.
All selected VSBs shall meet the vehicle impact requirements determined by the
Vehicle Dynamics Assessment.
Any landscaping measures utilised, shall conform to the required dimensions to
prevent vehicle entry or encroachment.
A physical barrier may be added if identified through the STRA and approved by
NEOM PSD.
Where possible, a 45.0m stand-off should be achieved to critical assets and a
25.0m stand-off to assets.
B10
C-UAS

1.
Site should include a DTI system is threat is identified within the STRA.
DOCUMENT CODE : NEOM-NSE-PRC-001
1.
All drones should be subject to a strict no-fly zone, unless specifically used
as part of the facility operational plan.
2.
Each site will have a DTI system as standard. E based systems will be
employed based on a specific need and safe area to operate.
3.
All sensitive areas should be screened to prevent data extraction using a
UAS, this also includes roof areas.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 6 OF 31 1
Industrial
4.
B11
Blast Protection

Sensitive information processing should be done at a location in the
buildings that prevent direct line of sight, and other directional information
gathering from occurring.
Materials, fixtures, and fittings within public areas not accessible by vehicle
should be constructed to withstand the equivalence of 15kg TNT at a distance
of 6.0m with no secondary fragments projected further then 10.0m from the
seat of the explosion.
Materials, fixtures, and fittings within public areas not accessible by vehicle
should be constructed to withstand the equivalence of 15kg TNT at a distance
of 6.0m with no secondary fragments projected further then 10.0m from the seat
of the explosion.
Where achievable a minimum 25.0m stand-off should be achieved from critical
assets.
Where achievable a minimum 45.0m stand-off should be achieved from critical
assets and 25.0m from assets.
Buildings should be designed to avoid progressive collapse of the primary
structure caused by 100kg TNT equivalent at 20.0m stand-off. This can be
achieved through stand-off distance, building hardening or a combination of
both. Calculations and/or modelling shall be completed for the enforceable
stand-off from the building.
Buildings should be designed to avoid progressive collapse of the primary
structure caused by 500kg TNT equivalentat 20.0m stand-off. This can be
achieved through stand-off distance, building hardening or a combination of
both. Calculations and/or modelling shall be completed for the enforceable
stand-off from the building.
The most severe damage mechanism, i.e. overpressure, impulse loading,
should be utilised.
The most severe damage mechanism, i.e. overpressure, impulse loading,
should be utilised.
For security elements which respond to impulse loading, the value of impulse
shall be taken from BRA or QRA.
Design teams should also consider improved protection of specific critical rooms
within the Restricted facility, such as:
•
Security Control Rooms.
•
Gate / Entry Posts.
•
Safe Rooms.
For security elements which respond to impulse loading, the value of impulse
shall be taken from BRA or QRA.
B12
Ballistic Protection

Ballistic protection should be provided at key areas within Enhanced facilities
where the threat presents a higher likelihood and impact. It is anticipated that
this will be primarily the Security Control Rooms and Gate / Entry Points,
however the STRA may identify additional critical areas that may require
protection.
Ballistic protection should be provided at key areas within Restricted facilities
where the threat presents a higher likelihood and impact. It is anticipated that
this will be primarily the Security Control Rooms and Gate / Entry Points,
however the STRA may identify additional critical areas that may require
protection.
The protective measures at these points should be designed to provide the
following security ratings:
The protective measures at these points should be designed to provide the
following security ratings:
•
Provide baseline protection against BR/FB6 and SG2.
•
Provide baseline protection against BR/FB6 and SG2.
•
Adopt as a minimum both BS EN 1063 and BS EN 1522 standards.
•
Adopt as a minimum both BS EN 1063 and BS EN 1522 standards.
B13
Security Doorsets
See Section B13.
See Section B13.
See Section B13.
B14
Security Glazing
See Section B14.
See Section B14.
See Section B14.
B15
Manual Lock
Security
1.
Keyless in-line with doorset requirements, off-line locks
are usable for low usage areas.
1.
Keyless in-line with doorset requirements, off-line locks are usable for low
usage areas.
1.
Keyless in-line with doorset requirements, off-line locks are usable for low
usage areas.
B16
Searching,
Screening and
Detection
1.
The ability to control vehicle entry to the site must be
allowed for. The designer is to provide the details of
how this will be achieved and it is to be agreed by
NEOM PSD.
1.
Infrastructure provision should be allowed within design to enable 100% of
people to be processed.
1.
Infrastructure provision should be allowed within design to enable 100% of
people to be processed.
2.
2.
People screening to be conducted using Millimetric Wave Scanners
(MMW).
A rejection U-turn lane shall be provided so vehicles
denied access shall be able to turn around without
entering the facility.
3.
People screening should be proportionate to the STRA and in line with the
detection matrix.
For vehicle entrances, searching should be proportionate to the STRA in
line with the detection matrix.
A rejection U-turn lane shall be provided so vehicles denied access shall
be able to turn around without entering the facility.
3.
Bag scanning to be conduct using either 3d X-Ray scanning or CT
scanning that does not require the removal of electronic and other goods
from bags.
For vehicle entrances, sufficient space should be allowed for to undertake
vehicle search. Screening of vehicles will be achieved through the use of
Under Vehicle Imaging System (UVIS) supported by appropriate manual
search (i.e. Explosive Trace Detection) as identified through the STRA.
A rejection U-turn lane shall be provided so vehicles denied access shall be
able to turn around without entering the facility.
2.
4.
4.
5.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 7 OF 31 1
Industrial
B17
Security Control
Room and
Monitoring Points
1.
The security system should be monitored in either an
SCR or via a formal monitoring point or security control
point suitable for the type of facility.
2.
Additional monitoring capability should be provided at
an alternative on-site location either through a
dedicated interface or via a browser application.
3.
B18
HVAC, Intakes and
Ducting

1.
The security system should be monitored in either an SCR or via a
security monitoring point suitable for the type of facility.
1.
A dedicated Security Control Room should be provided for each Restricted
level facility.
2.
Additional monitoring capability should be provided at any static security
control point, gatehouse or command and control centre.
2.
A secondary/back-up Security Control Room will be provided at a diverse
location from the primary SCR.
3.
To provide redundancy, an off-site monitoring solution may be utilised.
3.
Additional monitoring capability should be provided at any static security
control point, gatehouse or command and control centre.
4.
The sizing and operational requirements for the site-specific SCR shall be
determined as an outcome of the overall electronic security design.
1.
All intakes should be positioned in controlled areas that negate easy
access to unauthorised personnel and a minimum of 4.0m from FFL.
2.
Rapid close-down, flow reversal and other methods should be features of
the system.
All air duct or air vent openings exceeding 8 x 12 in the rooftop or exterior
walls of any building shall be secured by means of:
The use of an off-site monitoring capability may be
possible.
1.
2.
3.
4.
All intakes should be positioned in controlled areas that negate easy
access to unauthorised personnel and a minimum of 4.0m from FFL.
Rapid close-down, flow reversal and other methods should be features of
the system.
All air duct or air vent openings exceeding 8 x 12 in the rooftop or exterior
walls of any building shall be secured by means of:
3.
•
Iron bars of at least 0.5 inch diameter or flat steel bars of at least 0.25
inch width, spaced no more than 5 inches and securely fastened.
•
Iron bars of at least 0.5 inch diameter or flat steel bars of at least 0.25
inch width, spaced no more than 5 inches and securely fastened.
•
Grill of at least 8 inch steel and 2 inch mesh, if the barrier is on the
outside, it shall be secured with galvanized rounded head, flush bolts
of at least three 8 inch diameter
•
Grill of at least 8 inch steel and 2 inch mesh, if the barrier is on the
outside, it shall be secured with galvanized rounded head, flush bolts
of at least three 8 inch diameter
Roof mounted intakes should be protected from UAS interference.
DOCUMENT CODE : NEOM-NSE-PRC-001
4.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
Roof mounted intakes should be protected from UAS interference.
PAG E 4 8 OF 31 1
Annex A - Security Functional Requirements (Non-Industrial)
Environmental Requirements – All Systems
All systems in NEOM must perform without degradation caused by environmental influences and
weather conditions. Therefore, all systems should comply or exceed the following requirements.
Minimum environmental conditions shall comply with those related to Telecommunications spaces as
per BICSI-TDMM latest edition.
All security spaces (including Security Equipment Rooms, Security Rooms, Security Entrance
Facilities, Security Enclosures/Cabinets) shall be cooled by redundant split or central air-conditioning
units.
No cabling associated with security should be exposed.
Environmental Considerations
Minimum Performance Requirements
Wind, rain, hail and potentially snow.
•
IP66 and NEMA 4X-rated.
•
All devices such as camera columns shall be provided with
deflection analysis based on the local wind conditions to ensure
products are fit for purpose.
•
Minimum wind speed conditions: 112km/hr unless 20 year data
available.
Temperature variances.
The Working environment
-10 °C to +65 °C (-14 °F to 149 °F) including direct sunlight and
shall include temperature rise inside the cabinet.
Maximum temperature (intermittent): 65 °C (149 °F)
Humidity 5 – 100% RH (non-condensing)
-10 °C to +65 °C (-14 °F to 149 °F) when IR LEDs are off.
Light sources, including the sun.
•
Outdoor equipment should be designed to operate without air
conditioning or a forced air ventilation system and shall be able
to function continuously within its own specific environment
conditions.
•
Window type air conditioners shall not be used for cooling any
security facilities or equipment.
•
Outdoor equipment should be designed to meet the specified
performance required under the full range of the local
environmental conditions.
•
Equipment not capable of meeting environment requirements
should be installed in a cabinet with active cooling.
•
Capable of incorporating auxiliary equipment (coolers, heaters)
only if required.
•
Sun-shaded as necessary.
Minimum Illumination
•
With Wide Dynamic Range - forensic capture & Light finder
Colour: 0.1 lux at 30 IRE, F1.6, B/W: 0.008 lux F1.6, 0 lux with
IR illumination on.
•
Colour: 0.15 lux at 50 IRE, F1.6, B/W: 0.01 lux, F1.6, 0
lux with IR illumination on.
DOCUMENT CODE : NEOM-NEN-PRC-004
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 4 9 OF 31 1
Environmental Considerations
Minimum Performance Requirements
•
Products where possible shall be provided with a sunshield to
reduce glare and thermal overheating.
Privacy regulations related to specific
public areas.
All cameras to be capable of creating privacy masking in
accordance with the Human Rights Act 1998, Anti Cybercrimes Law
2017, The National Data Governance Regulations 2020.
Wildlife including birds.
Video Analytics - To Avoid False Alarms/Triggers
Water, dust and corrosion.
•
Included video motion detection, fence guard, motion guard,
loitering guard, Auto tracking, Active Gatekeeper.
•
The video analytics system shall assist an operator in rapidly
locating and determining the cause of sensor alarms by
identifying activity in the camera scene where potential risk
exists in the area being monitored. The processing shall allow
the detection of abnormal behaviour such as, but not limited to,
activity at a time when no activity is expected, packages left
behind, entry into a restricted area or approach to a restricted
area.
•
Support for installation and integration of third-party
applications.
Equipment Housing
•
IK08, IK10 housing and mounting, IP66- and NEMA 4X-rated.
•
Airborne Dust: Average 0.3 mg/m / Sandstorm 3 mg/m.
•
Re-coatable metal casing (aluminium), hard coated.
•
Lightweight, rugged.
•
Polycarbonate clear dome with Sharp dome Technology.
•
All coastal devices to be suitable for marine environments.
•
Sun shielded as necessary.
•
Shall be both vandal and corrosion resistant.
The following shall comply with BICSI-TDMM:
•
Security Spaces (i.e. security rooms) and related elements (i.e. HVAC and fire protection)
specifications for Telecommunications spaces.
•
Security indoor cable distribution systems (i.e. cable trays, conduits, grounding).
The following shall comply with BICSI-OSPDRM:
•
Security outdoor cable distribution systems (i.e. manholes, ductbanks, grounding).
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 0 OF 31 1
Testing Requirements – All Security Infrastructure
General
•
The first training class should be scheduled so that it is completed about 30 days before factory
acceptance test (if conducted) or site acceptance test begins.
•
Equipment performance testing is designed to determine whether equipment is functional, has
adequate sensitivity, and will meet its design and performance objectives. It is not sufficient for a
component to meet the manufacturer’s standards if the component proves ineffective during
testing.
•
Testing of the operational security structure should be undertaken.
•
Standard compliance testing (SCT). SCT encompasses both NEOM standards and industry
standards.
•
Original copies of all data produced during any testing should form part of the handover
documentation at the conclusion of each phase of testing, prior to approval of the test. This
documentation also describes who will witness all testing activities. The contractor will be required
to obtain written permission from NEOM before proceeding with any testing.
•
Any component that is a part of the security system should be tested. In addition to component
testing, subsystem and complete system tests will be specified to ensure that the system
performs according to the design.
•
Before testing, the customer (or the contractor) should develop (design and prepare) a detailed
test plan. The test plan specifies the testing approach that will be taken, what will be tested, when
it will be tested, how it will be tested, and who will perform the testing.
Pre-Delivery or Factory Acceptance Testing (FAT) / Initial Acceptance test (IAT)
•
The FAT should demonstrate the concept and functionality, including integrated activities prior to
any installation at the site. The FAT should be witnessed and reported upon by the designer.
•
All data produced during FAT, including the results of each test procedure, should be delivered to
the designer and NEOM for approval of the test.
•
All deficiencies noted in the FAT should be resolved to the satisfaction of NEOM before any
installation. The contract agreement should be written so that NEOM has the option of cancelling
the contract if any major issues identified during the FAT cannot be resolved within a reasonable
Period.
Site Acceptance Testing (SAT)
•
SAT should be started after written approval has been received from NEOM regarding any
previous testing activities or installation problems.
•
Before conducting the site testing, the contractor should provide a report to the designer and
NEOM describing results of previous acceptance tests, functional tests, diagnostics, and
calibrations, including written certification that the installed, complete system has been calibrated
and tested and is ready to begin SAT. This report should be received at least two weeks before
the start of SAT. The report should also include a copy of the approved FAT procedures. The
contractor should be instructed that NEOM or its agent may terminate testing any time the system
fails to perform as specified.
•
Using SAT procedures, the contractor should demonstrate that the completed system complies
with all the contract requirements. All physical and functional requirements of the project should
be demonstrated.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 1 OF 31 1
•
Upon successful completion of the SAT, the contractor should deliver test reports and other
documentation to the designer and NEOM before commencing further testing. The contractor
should deliver a report describing results of functional tests, diagnostics, and calibrations,
including written certification that the installed, complete system has been calibrated and tested
and is ready for reliability testing. The report should also include a copy of the approved SAT
procedures.
Reliability Test or Operational Availability Testing (OAT)
•
OAT is usually conducted over a 30-day period (24 hours per day for 30 consecutive calendar
days). The purpose of the test is to ensure that the system under test can operate reliably and
stably for an extended period.
•
OAT should not be started until NEOM notifies the contractor, in writing, that all acceptance
testing has been satisfactorily completed, training (if specified) has been completed, and all
outstanding deficiencies have been corrected.
•
The contractor should provide one representative to be available 24 hours per day, including
weekends and holidays (if necessary), during OAT.
•
NEOM may terminate testing whenever the system fails to perform as specified.
•
OAT is best conducted in alternating phases (15-day Phase I and 15-day Phase II) of testing and
evaluation to allow for validation of the tests and corrective actions. The contractor should make
no repairs during any phase of testing unless authorized by NEOM in writing.
•
After each Phase testing, the contractor should identify all failures, determine causes of all
failures, repair all failures, and deliver a written report to NEOM. The report should explain in
detail the nature of each failure, corrective action taken, and the results of tests performed; it
should also recommend when to resume testing. About a week after receiving the report,
thedesigner should convene a test review meeting at the job site to discuss the results and
recommendations. At the meeting, the contractor should demonstrate that all failures have been
corrected by performing appropriate portions of the acceptance tests. Based on the contractor’s
report and the test review meeting, NEOM may set a restart date or may require the Phase
repeated. The contractor should not commence any required retesting before receiving written
notification from the customer.
•
If the system experiences no failures during Phase I testing, the contractor may proceed directly
to Phase II testing after receipt of written permission from NEOM. Otherwise, the testing and
assessment cycles continue until the testing is satisfactorily completed. (The process is repeated
until the system either achieves the desired availability or the project team determines whether to
accept the system or make design changes.
After-Implementation Testing
Several tests may be conducted after implementation or when the system has begun it useful life,
such as these:
•
•
•
•
•
•
Operational test (periodic tests to prove correct system operation but do not involve verification of
equipment operating specifications)).
Performance test.
Post-maintenance test (operational test conducted after preventive or remedial maintenance).
Subsystem tests (ensure that large parrs of the system are all working together as originally
designed).
Limited scope tests (test a complex system which is broken down into several subsystems or
segments that are tested separately).
Evaluation tests (periodic test, performed at least once a year, to validate the vulnerability
analysis and ensure that overall effectiveness is being maintained).
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 2 OF 31 1
A1: Video Surveillance Systems and Video Analytics
Security Functional Requirements are included in the NEOM Security Standard to provide minimum
levels of appropriate security based upon the likely security related risk a facility, site or element of the
built environment may be subjected to in its final operational state.
Overview
This Section defines the performance requirements and design considerations that need to be taken
into account when designing Video Surveillance Systems (VSS) within NEOM.
The designer is required to produce field of view (FoV) traces for any camera included in their
design scheme. The coverage overlay must include where a camera will also incorporate a
video analytic, and the type of analytic being used.
Invisible and Discrete Surveillance
A key element of the NEOM community is privacy, and therefore VSS should only be used where
required and supported by the specific location Security Threat and Risk assessment. When required,
the design of equipment and infrastructure should be carefully considered and combined with other
infrastructure elements wherever possible. i.e. the placement of cameras in wayfinding totems,
lighting units etc.
Whilst, cameras should not be hidden, they should be discretely placed as not to detract from the
overall environment in the specific area. They must also take account of lighting schemes to ensure
the image quality is not degraded or obscured by either artificial or natural light levels across the year.
Exceptions to this are where a strong visible security presence is required to provide a robust
deterrent effect. The need for a strong deterrent effect should be identified through the Security
Threat and Risk assessment completed by the designer. It is expected this effect will be required for
facilities and sites with a protection grading of Restricted but may also apply to specific areas of an
Enhanced security site.
Areas Where Surveillance Will Be Required
The following areas should always be considered for surveillance. Where not included in the design
scheme, an exceptions matrix should be produced to evidence why surveillance is not required or is
not appropriate.
•
Automated vehicle entry points.
•
External access points onto sites for vehicles and pedestrians.
•
VSS in support of any intruder detection systems to provide as a minimum verification of the
alarm state, but also to provide tracking of an intrusion at perimeters as appropriate.
•
Vulnerable internal areas, including:
o
Main reception points.
o
Key access control points.
o
Front of House routes.
o
Computer Equipment Rooms (CERs).
o
Server Equipment Rooms (SERs).
o
Security Control Room.
o
Critical power supply areas and plant rooms.
o
Accessible communication route points.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 3 OF 31 1
o
Fire Command Centre.
o
Loading and delivery bays.
o
Lifts, lift lobbies and escalators, to capture key movement nodes.
o
Stairwells, for safety and to capture key movement nodes.
Regulatory requirements that are incorporated into NEOM should be complied with in all
circumstances.
Specific requirements for facilities that are at border locations will be required and should be
discussed with the NEOM Border Security Lead.
Performance Requirements
The following minimum performance requirements should be taken into account when developing the
VSS design.
System
Element
Requirement
Cameras
•
High Definition (HD) minimum, with suitable higher resolution cameras where
appropriate, including 360o cameras. (1920 x 1080 minimum)
•
IP cameras only.
•
Colour images at all image quality levels including low light to 0.05 Lux.
•
Support privacy zoning.
•
Support edge recording onto storage cards.
•
Suitable for IR illumination where visible light is not available.
•
ONVIF compliant in conjunction with the VSS.
•
Thermal cameras should be suitable for the usage and have a minimum resolution
of at least 320 x 240.
•
Support video analytics.
•
The VMS must be fully configurable and upgradable to extend its operational
lifespan. Including flexible licensing.
•
The VMS must have a single common and configurable Graphical User Interface
(GUI).
•
The VMS must provide audible and visual alarm indication.
•
The VMS must provide full IP camera support, graphical mapping, integration,
reporting, alarm management, remote access and user profile management.
•
The VMS must support individual camera quality and recording settings.
•
The VMS must provide alarm/event displays and recording.
•
The VMS must provide a minimum of 90 days of VSS camera video storage
according to the recording schedule.
•
The VMS must be fully resilient and redundant with availability not falling below
99.9%
•
The VMS provide configurable reporting for audit purposes to include but not limited
to event logs, user transactions, alarms, etc.
•
The VMS will allow reports to be automatically generated on a scheduled basis and
that can be emailed to specified recipients.
Video
Management
System
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 4 OF 31 1
System
Element
Recording
Requirement
•
The VSS cameras must be recorded and stored locally onsite via a resilient and
redundant infrastructure, or off-site storage must offer the same levels of resilience
and redundancy.
•
Must support video wall usage.
•
All cameras shall be geospatially mapped to provide physical coordinates of each
device. This capability shall be used to display imagery and alarm data on GIS maps
that correlate each camera location to the map.
•
Fully functional VSS cameras must be controllable via the VMS using a mouse or a
USB PTZ control unit and support primacy control.
•
The entire VSS system shall be capable of resisting mains power spikes and
fluctuation and an indirect lightning strike and its associated EMP.
•
The VMS will provide a graphical mapping interface with dynamic VSS device icons.
•
The VSS system shall support secure and encrypted communication.
•
The VMS must support controlled, secure and auditable data exporting to approved
storage devices.
•
The VMS will support instant video recording and data tagging via user initiation.
•
The VMS will support the use of mobile devices (including body-worn cameras) for
both live and recorded images, and remote monitoring.
•
VSS system must support 180 and 360-degree cameras with de-warping and
recording.
•
VSS system shall include the ability to pixelate any area of recorded video footage.
•
The Video Recording server software must have configurable settings for individual
cameras and record images with a time and date stamp.
•
The video from all cameras must be stored and be available for viewing locally and
across the network.
•
The video recording servers must be capable of recording IP camera video feeds.
•
The video recording servers will be installed, and rack mounted in a suitable location
such as an IT Comms/Server room with resilient network and power connectivity.
•
The video recording servers must alarm if a camera is lost, if a disk fails, if power or
communications are lost via the VMS.
•
The video recording server must receive a hard or soft shutdown trigger from a UPS
unit where installed.
•
Background recording rates unless stated as regulatory requirement will be 6pps
(pictures per second).
•
If event or alarm activated the recording rate will rise to 25 - 30pps.
•
Image retention will be as follows:
•
o
Restricted Protection Group – 90 days.
o
Enhanced Protection Group – 90 days.
o
Baseline Protection Group – 30 days.
o
All groups alarm events – 90 days.
Where surveillance assets provide imagery that supports NEOM border security,
image retention will be 180 days.
Minimum Resolution Requirements
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 5 OF 31 1
Resolution is defined in the following matrix. It is the responsibility of the designer to confirm any
resolution requirements based on their specific development. Both internal and external cameras will
be installed based upon the six image categories defined in the following matrix.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 6 OF 31 1
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 7 OF 31 1
Image Standards to be Used
Resolution Requirement
Pixels Per Metre (ppm)
Strong Identification
1000
Identification
250
Recognition
125
Observation
62
Detection
25
Monitoring
12
Automatic Licence Plate Readers
•
ALPR will only be utilised where non-automated vehicles will be used in the region.
•
Automated vehicles will carry transponders to aid their real time recognition and vehicle
movement.
•
Where ALPR is employed it will be required to record vehicle entry and exit from a facility or site.
This is mandatory for Restricted and Enhanced Industrial sites.
Operational Issues
•
The VSS cameras and VMS will be reliant upon a suitably resilient network infrastructure.
•
The UPS will need to shut down the VMS/video recording servers correctly after an agreed period
of time following a power failure if the backup generator does not come online.
•
Regular system maintenance must be carried out otherwise the images captured will lose clarity
and may not meet the capture requirements.
•
VSS data requests may be made by authorised organisations and these will need to be approved
by NEOM Public Safety Department in-line with NEOM Data Privacy Policy.
Key Functional Outcomes
•
The VSS system will provide live and a post-event record of unauthorised access into the
perimeter, buildings and vulnerable areas and of events and incidents on a 24/7 basis.
•
The VSS system will provide instant live coverage with pre/post footage of a detected incident,
initiated by the VSS system itself or via an integrated system.
•
The VSS system will aid situational awareness through blank or ‘priority’ screen monitoring
(monitoring by exception) on site, with the capability of doing the same across all sites during
emergencies.
Integration Requirements
The VSS should be capable of integrating with the following systems, with integration being defined
by the security level required at the facility, site or building.
•
ACS.
•
Security lighting.
•
Intercoms.
•
HVM active barriers.
•
Physical security documents, policies and procedures.
•
Manned guarding patrols.
•
Other security systems.
•
Ability to export and import movies and images to the system.
•
All security systems shall be integrated to the command and control centre.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 8 OF 31 1
Dependent upon the level of integration that is present between systems, linked actions and queued
effects may be required. These should be detailed in a cause and effects matrix.
A brief example of a cause and effects matrix is provided below.
Alarm Indicates On Security Work Station
Camera View xxx available for selection via
Work Station alarm
Event Recorded on Security Database
Effect
Analytic alert activated
X
X
X
Door forced alarm received
X
X
X
Cause
Camera auto-cue to alert/alarm area
Cause and Effects Matrix Example
Video Surveillance System
X
Video Analytics Overview
The use and application of video analytics will be a key method to achieving the NEOM Security
Vision to create safe and secure spaces, enabled through invisible technology.
This section will provide guidance to consultants and designers on the considerations around video
analytics that need to be made.
The application of video analytics should be informed by the specific STRA and any detection and
monitoring requirements. Designers should consider the use of analytics as part of a layered security
system and, in particular, they should be developed alongside the VSS ad IDS designs.
Selection of the correct video analytic is the responsibility of the design team to meet the specific
requirements of their Concept of Security Operations.
Type of Analytic
The type of analytic to be employed must be carefully considered by the designer, rather than an
‘overarching’ capability statement including a long list of analytics. Therefore, each analytic type and
its purpose should be:
•
Clearly describe the locations and cameras where the analytic will operate.
•
Define what the alert or alarm criteria for the analytic are to be.
•
Define where the alert or alarm will be received.
•
Define the operating details for the analytic, i.e. is it 24hr or time bound, or conditions dependent.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 5 9 OF 31 1
Intelligent Functions
The designer should consider whether self-learning systems, machine learning or AI applications can
enhance the use of a video analytic in their design.
Scene Robustness
The analytics engines must be able to operate effectively, and without undue false alarm rates or
degradation, in the intended operating environment for the surveillance asset/sensor. Therefore,
certain considerations need to be taken into account where the video scene may be unduly altered
without a security incident being actually present. Video Surveillance & Assessment System shall
provide active surveillance capability under all weather conditions. Some examples of weather
conditions are given in the following matrix.
If the analytics provides a critical security function, such as primary source of detection, and it will be
ineffective under certain conditions, as second technology must be utilised to avoid this vulnerability.
Location
External assets and sensors
Impact
Rain.
Dust.
Dense Fog.
Sandstorms.
Wind.
Land Animals.
Birds.
Scenery movement, such as trees, doors or other scene items not of
interest.
Water surface movement and reflections, if applicable.
Waves, if applicable.
Fast changing illumination levels, sunlight, deep shadows or vehicle lighting.
Low scene contrast.
Low light.
Internal assets and sensors
Doors or Lifts opening.
Escalator movement.
Changing illumination levels.
Reflection from surfaces, including glazing.
Overly crowded image scenes.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 0 OF 31 1
Cameras and Lighting
The choice of camera will assure that the best analytics performance is achieved. The
analytics/camera solution must be able to automatically adapt when a camera or a scene switches
between day and night modes. This should include the selection of the most appropriate image type,
visual, thermal etc.
Fields of View
Video analytics field of view, detection location or coverage must be clearly annotated onto
surveillance overlays that include the camera field of view illustrations.
Fields of view must be shown adjusted to the location, i.e. not just general coverage which goes
through walls etc.
Cameras shall be placed based on local topography and applicable requirements.
A study shall be carried out to define the actual field of view of each camera/lens combination used
and identify blind spots. The study shall consider the actual focal length of the camera lens, camera
pole height, local topography and obstructions in the camera field of view.
Camera coverage shall overlap so there are no blind spots between adjacent cameras exist. Local
terrain shall be used to determine the optimal camera mounting pole height that will meet the
requirements of this standard.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 1 OF 31 1
Surveillance Analytic Example
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 2 OF 31 1
Reference Standards
The following standards should be used when developing the VSS design:
Standard
Description
BS EN 62676
Video surveillance systems for use in security applications.
BS 7958
Closed Circuit Television (CCTV), Management and operation code of Practice.
BS EN 50130-4 +A1
Alarm systems. Electromagnetic compatibility. Product family standard:
Immunity requirements for components of fire, intruder, hold up, CCTV, access
control and social alarm systems.
NCP 104
NSI Code of Practice for Design, Installation and Maintenance of CCTV
systems, NSI.
BS 8418 +A1
Installation and remote monitoring of detector-activated CCTV systems. Code
of practice.
NFPA 730
Guide for Premises Security.
NFPA 731
Standard for the Installation of Electronic Premises Security Systems.
NFPA 70
National Electrical Code.
NFPA 70B
Recommended Practice for Electrical Equipment Maintenance.
ANSI/SIA CP-01-2019
American National Standard Institute/Security Industry Association – Features
for False Alarm Reduction.
IEC 60529
Degrees of protection provided by enclosures (IP Code)
ASIS FPSM
Facilities Physical Security Measures Guideline.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 3 OF 31 1
A2: Other Surveillance Systems
Overview
This section outlines the requirements of other surveillance technology that is not a major part of the
VSS. In the majority of cases it is envisaged that other surveillance assets will be required at locations of
major regional infrastructure and industrial locations that require either a secure perimeter line or
early/extended detection and monitoring of activity close to the site.
This section is not to define this technology, but to outline the considerations that are for these additional
surveillance technology assets.
Counter-Unmanned Aerial Systems is covered in a separate section that should be referred to if this
threat is a consideration for the facility, site or building.
Use of Radar and Long Range Cameras
Surveillance beyond the perimeter of sites that require either early warning or situational awareness
should utilise an integrated radar and long range camera system. The radar detection range should be a
minimum of 2km and the final range should be highlighted by the STRA. The long range camera should
have a minimum range of 1km with image stabilization to provide HD imaging. Both should be
connected to the Command and Control center.
A Radar Video Surveillance System (RVSS) will utilise a single or series of radars dependent upon site
and terrain to provide a wide area, up to 360o coverage across the area of interest. Verification of
detection will be via a dual band camera system incorporating both visual and thermal cameras to
provide a true 24hr long range detection and verification capability.
The system will have the following requirements:
•
Be integrated into external security cameras, which will include:
o
Cameras mounted at the Radar Unit location. These will provide the long-range camera
capability. This is the typical location for thermal band cameras that will be able to provide
verification across the individual radar detection footprint.
o
Cameras located along the site perimeters. Generally visual band cameras with low light
capability.
•
All cameras associated with the RVSS will be networked to allow the RVSS software to select the
camera that will provide the ‘best’ view of the area or object of concern. Networking will also allow
the automatic handoff between cameras so that a continuous visual or thermal verification
accompanies the movement history of an object of interest.
•
The radar will detect multiple potential threats and ‘tagged’ friendly assets to provide strong
situational awareness to the Security Control Room operator.
•
The RVSS will be integrated into an Automatic Identification System (AIS) and ‘friendly asset’
transponder system. This will allow all tagged assets, be that vehicles, equipment or people to be
tracked so that threat analysis and information led security can be applied at the site.
•
The system will allow asset descriptions to be attached to the asset, so hovering over the asset on
the operator screen will provide details to aid situational awareness.
•
The RVSS will be able to distinguish between vehicles, people and animals based on target crosssectional size and be able to prioritise alerts based on target type, direction of travel and proximity to
specific critical locations at the site.
•
Designed to operate in all weather conditions with minimal effects from adverse weather and
precipitation on detecting intruders.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 4 OF 31 1
•
•
Minimum RVSS detection and verification capability will be in the range:
o
Vehicles: 2.0km.
o
Moving people: 1.5km.
Where RVSS is deployed at a border location it will capable of detection and verification at ranges:
o
Vehicles: 25.0km or more.
o
Moving people: 15.0km or more.
•
The radar configuration will allow for full 360° coverage with reliable detection.
•
The PTZ head of the radar system should feature a long range high definition visible spectrum
camera which is coordinated with a digitally zoomed cooled thermal camera. This allows an operator
to switch seamlessly between thermal and visible images to facilitate threat verification and tracking.
•
Low effective radiated power that poses no threat to human exposure.
•
Software enabled masking zones can be configured across the full detection area.
Reference Standards
The designer is to select relevant standards for the technology chosen. These should be submitted to
NEOM Public Safety Department for a suitability check for the proposed installation.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 5 OF 31 1
A3: Access Control Systems
Overview
This Section defines the performance requirements and design considerations that need to be taken
into account when designing Electronic Access Control Systems (ACS) within NEOM.
The designer is required to produce privacy zoning to support their placement of access control points
and lines.
Consideration on the selection of access credentials should be carefully considered and in general
should conform to the scale given below and therefore, the dwell time tolerance also. However, the
process must be suitable for the application, user experience and most importantly achieve the
desired security effect.
Where a site, building or facility is in Protection Group Restricted, and some Enhanced, access
control should have a stronger deterrence effect and therefore may not comply with the concept of
invisible security. However, the application of access control should be layered and provide greater
protection at critical locations. The different application of access control techniques and
authentication should be informed by the privacy zoning mentioned above.
By way of an example, a hospital will operate the site at many varying access control levels. Hospitals
may generally be a Protection Group Enhanced due to their vital role in the community, but may also
have some highly controlled areas such as maternity wards. It is recommended that these differing
requirements are represented by the designer in a matrix as follows.
Area
Business as Usual
Scalability
Reception Areas
Publicly accessible.
Automatic authentication.
(Free Flow – Zero Dwell)
Access controlled:
Publicly accessible.
Automatic authentication.
(Free Flow – Zero Dwell)
Access controlled:
Pharmacies
Fully Controlled. (Biometric)
Regulatory Standards.
(ACS – Process Driven)
N/A – Always Fully Controlled.
(Biometric + Second Factor)
Maternity Ward
Fully Controlled. (Biometric)
Regulatory Standards.
(ACS – Process Driven)
N/A – Always Fully Controlled.
(Biometric + Second Factor)
General Ward
Hands Free. (Biometric)
Staff ward reception controlled.
(ACS – Minimum Dwell)
Hands Free.
(Biometric + Second Factor)
Staff ward reception controlled.
(ACS – Moderate Dwell)
Accident & Emergency
Waiting Area
•
Staff credential.
•
Staff reception controlled.
•
Staff credential.
•
Staff reception controlled.
etc…
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 6 OF 30 1
The desirable dwell times apply to single access control points. As facilities, sites and buildings
become more secure, multiple access control points may be incorporated to segregate between
different privacy zones, and these may also represent different access control levels as in the hospital
example above. A 3D representation of this is provided on the following page to illustrate the different
ACS zones.
Invisible Re-Authentication
A key element of NEOM and the ability of the community and visitors to move around it, is the
concept of seamless and invisible security, as much as is practicable whilst still meeting security
requirements. People and objects would be re-authenticated based upon a tokenised and stored
biometric profile and also based on the IoT devices they choose to use.
To achieve this, public realm areas and open access locations may well contain sensors that capture
specific data to allow re-authentication to occur without the need for direct interaction by the person or
object. This would be suitable for a variety of use cases, including the integration to smart systems for
payments, access, and safety purposes.
Hands Free / Contactless Operation
Wherever possible, regardless of the Protection Group, it is desirable to make any access control
point a contactless operation. This includes biometrics and this requirement should form part of the
selection criteria used for the authentication method.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 7 OF 31 1
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 8 OF 31 1
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 6 9 OF 31 1
Performance Requirements
Access Control Credentials
Access control credentials shall be divided between different tokens:
•
Mobile Near Field Communication (NFC) and Bluetooth Low Energy (BLE) activated and
authenticated with on-device biometrics. Access control systems shall use encrypted storage
sectors as part of an IoT device architecture to identify the token and access rights associated.
These may be virtualised access card systems.
•
Segregated Access Control Tokens shall be used for high security facilities (nominally all Restricted
and STRA identified Enhanced locations). These tokens will remain within the facility, site or building
and be exchanged to users as part of their entry procedures to provide greater levels of control over
these access tokens. Designs should identify how this will be achieved and tokens controlled. An
alternative is the use of robust biometric controls.
•
Biometric usage is the preferred access control credential due to its uniqueness, either as an
individual or as part of a multi-factor identification/authorisation process. The biometrics below are
arranged in order of preferred method, however these need to be matched to the use case at each
access control point.
o
Facial recognition.
o
Palm vein scanning.
o
Iris recognition.
o
Voice recognition.
o
Fingerprint.
The type of biometric to be utilised should be carefully considered to ensure that its ability to capture the
biometric is not adversely affected by environmental conditions. For example, a visual band facial
recognition camera installed in a location where it is subject to changing strong sunlight will be less
reliable. The same applies to palm vein readers exposed to bright sunlight also.
The guiding principle is that all access control points wherever possible should be contactless.
Doors
The following guidance should be complied with:
•
External entrance doors will accommodate door position switches for monitoring as a minimum.
•
Security rated door-sets will be provided where there is a need to delay forced entry, or a secured
zone within the building, and to provide an overall deterrent effect to criminal activity.
•
Access control points at doors require the surrounding walls, floor, and ceilings to provide a similar
level of delay to unauthorised movement, and wherever possible deny by-pass of the access control
point.
•
Final exit and emergency egress / escape doors will accommodate a manual means of exit device in
order to secure doors from the exterior, whilst still providing a method for safe egress during an
emergency and evacuation scenario.
•
Revolving doors will be able to accommodate a position switch and shall also be monitored by the
ACS and will also have the ability to be manually locked.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 0 OF 31 1
Lifts
The following guidance should be complied with:
•
Where vertical transitions require control, then access control readers should be included within lift
cars.
•
Where vertical transitions are possible by a large number of personnel, it may be more appropriate
to have a horizontal access control point with anti-passback and tailgating prior to the vertical
transition point, and therefore the vertical control may not be required. This is dependent upon the
number of access control groups and the differing privileges assigned to each.
Receptions
The following guidance should be complied with:
•
Reception desks with access control interfaces/systems must employ strict control over the ability to
alter access database records, adding or deleting records and the ability to change transaction logs.
Log ins must be unique and strong password protected.
•
Where enrolment is completed as part of a reception function, this must also be strictly controlled
and authorised.
•
Receptions with either of the above functions must have a strategically positioned duress alarm
capability and/or and alert field in the access control GUI.
Pedestrian Barriers
The following guidance should be complied with:
•
Where pedestrian barriers, such as turnstiles or portals are required to control access, these should
provide a complete barrier to unauthorised entry.
•
Entry points should take account of all potential users, and therefore allow passage for those with
disabilities providing the same experience across all users.
•
A method must exist for responding to and processing access failure attempts.
Fire Strategy
The following guidance should be complied with:
•
The fire alarm and warning system (FAS) will be hard wired into the ACS for each building and shall
allow for the fire alarm system to directly open all electronically locked doors designated as “fail
safe” and without a mechanical override. Any mechanical locks on escape routes will be fitted with a
simple mechanical release facility in the direction of escape.
•
Locks that have a securing function even during a fire incident will operate via multi-pole activation.
•
It is the designer’s responsibility along with the fire engineer to ensure that the access control
system is safe and compliant for evacuation purposes.
Visitor Access Control
The following aspects should be carefully considered and articulated in the access control strategy:
•
Visitor access and the gaining of the correct access rights.
•
Visitor access should avoid the issue of codes, PINs or other tokens that are not specific to a
person.
•
Visitor access should always be time bound.
•
Visitor access should always be auditable.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 1 OF 31 1
•
Where secure facilities are visited, the designer should consider secondary criteria to control
access, such as escort recognition in the access control system prior to allowing a visitor credential
to successfully open an access control point.
•
For Restricted facilities, sites, and buildings all visitors to critical areas must be escorted.
Mobile Reader Capability
The designer should determine if mobile reading technology is required. If required then units should
provide the necessary functionality, be environmentally protected, robust, and also offer a secured
interface to the access control system.
Environmental Requirements
The following guidance should be compiled with:
•
ACS devices that are indoors or housed in an environmental indoor cabinet shall be cooled by
redundant centralised air-conditioning.
•
Outdoor equipment should be designed to operate without air conditioning or a forced air ventilation
system and shall be able to function continuously within its own specific environment conditions.
•
Outdoor equipment should be designed to meet the specified performance required under the full
range of the local environmental conditions.
•
Equipment not capable of meeting environment requirements should be installed in a secure cabinet
with active cooling.
•
Ambient temperature range for ACS equipment should be (-10°C to +65°C).
•
Ambient relative humidity range should be (5% to 100%) non-condensing.
ACS Reader Housings
Refer to Environmental Requirements – All Systems, Equipment Housing.
Access Control System Integration
As part of the access control strategy, the designer will need to include the following elements:
•
A Cause and Effects Matrix
•
An Integration Diagram.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 2 OF 31 1
Cause
Access
Controlled
Door
Emergency
Break
Glass Unit
Access
Control
Reader
XXXXX
(Invalid)
Effect
Access
Control
Reader
XXXXX
(Valid)
X
X
X
X
X
Access
Control
Request to
Exit
Access
Control
Door
Forced
X
X
Access
Control
Door Held
X
X
DOCUMENT CODE : NEOM-NSE-PRC-001
©NEOM [2022]. All rights reserved.
REVISION CODE: 01.00
X
X
PAG E 7 3 OF 31 1
Security Shutters Disengaged
Security Shutters Engaged
Security Cages Disengaged
Security Cages Engaged
Lifts reengaged normal usage
Lifts disengaged (Floor of Choice - Doors Open
Disengage Secondary locking mechanism
Door PIR Reengaged
Engage Secondary locking mechanism
Door PIR disengaged
Security Control Room Notified
Signal Sent to Fire Alarm Panel
Access Control readers un-masked
Signal Sent to BMS to Operate AHU
Signal Sent to BMS to Shutdown AHU
Security Control Room Notified
Signal Sent to Fire Alarm Panel
Door PSU de-energised
Access Control readers masked
Access Control disengaged
Access Control Engaged
Access
Control
All Doors
Relevant Door releases
X
Camera View xxx available for selection via Work Station
alarm
Event Recorded on Security Database
Alarm Indicates on Security Work Station
An example of a cause and effects matrix is provided below.
An example of an integration illustration is provided below.
Lockdown Systems
Where specified, lockdown capabilities will protect people and assets from marauding attacks by
providing internal safe havens and isolating intruders in areas where responders can remove the threat.
This is a mandatory requirement for all Protection Group Restricted sites, facilities, and buildings.
Two types of lockdown should be considered:
•
Dynamic: This is based upon the installed access control points and ability to ‘lock-out’ these points
from further use until deemed safe to do so. This should be enabled via the access control systems
software.
•
Manual: Where individual actions deny access through a designated point by manually locking or
securing the location. This approach is only to be utilised and defined in the security concept of
operations where it is impractical to enable dynamic lockdown.
All lockdown points should be at locations that also provide good levels of delay to forced entry and
where technical surveillance (e.g. cameras) can be achieved to aid situational awareness and response.
Therefore, it is expected that if a door set provides a specific level of delay, the surrounding walls, floor,
and ceiling that would give access into the protected space also offer an equivalent level of delay to
forced entry.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 4 OF 31 1
Effect of Lockdown
The effect of initiating a lockdown of an area where the person has authority to do so, should be to:
•
Divide the building or site into a number of segregated or compartmentalised zones.
•
Each zone should provide a level of delay to unauthorised or forced entry. The level of protection
needs to be appropriate for the Protection Group and objects being protected by the lockdown.
Activation
Activation of lockdown procedures and actions for a facility, building or a site should be able to be
completed as follows:
•
In less than 3 seconds.
•
Not require the manual locking of any doors or partitions for designated key protective areas.
•
Automatically alert the Security Control Room (SCR) on activation.
•
Be initiated through, or be integrated through, the access control system.
Deactivation
Deactivation of lockdown shall be a controlled process. Deactivation methods will vary by protection
group and include:
•
Timed deactivation.
•
Authorised biometric at centrally controlled points by only authorised personnel.
•
Local Security Control Room, but only where it is a secured SCR that would not be subject to duress
or influence.
Communication
Any facility, site or building that operates a lockdown capability should also have the ability to provide
mass notification to relevant persons, to:
•
Inform of the lockdown, and the need to Run and Hide to those personnel already at the facility, site,
or building.
•
Inform of the lockdown and to stay away from the facility, site or building until further notice.
Reference Standards
The following standards should be used when developing the ACS design:
Standard
Description
Disability Discrimination Act 1995 +
Amendment 2005.
Ensure all equipment does not impede access to any areas of the
development.
BS EN 60839
Alarm and electronic security systems.
BS 8593
Code of Practice for the Deployment and use of Body Worn Video.
NCP 109
NSI code of practice for design, installation, and maintenance of
access control systems.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 5 OF 31 1
Standard
Description
BSIA A specifier’s guide to access
control systems (Form 132), BSIA.
Guide to assist specifiers in grading access control systems in line
with other security applications.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 6 OF 31 1
A4: Intruder Detection Systems
This section should be read where an Intruder Detection System (IDS) capability has been identified.
It is mandatory for Protection Group Restricted sites, facilities, and buildings.
Requirements for Enhanced and Baseline sites should be identified through the STRA process.
Overview
The inclusion of an IDS at the facility, site or building will be based upon the site-specific threat and risk
assessment and the identified need to protect specific people, assets, or processes.
It will therefore be incumbent on each designer to identify their development’s IDS requirements and
how these are met.
Design Considerations
The following design considerations should be considered when selecting sensors/detectors:
•
Environmental conditions to which the sensor will need to operate in. i.e. would a sandstorm render
the system incapable of detection; will high winds make the detector ineffective?
•
Provide efficient coverage of the distance, area, or location to be covered.
•
What is the probability of a positive detection?
•
What is the probability of negative detection or nuisance detection?
•
Are sensors/detectors configured so that they cannot be defeated?
•
Is the system working on a single or multiple ‘knock’ basis?
•
How will an alert be verified?
•
Does the point of detection provide sufficient time for an effective response to be activated, prevent
intrusion or access to the protected object?
•
Are multiple detection technologies required?
Sensor selection is the responsibility of the designer given the specific details of the design location and
the number of technologies required.
IDS Control Panels
All intrusion detection panels shall be installed in secure locations with controlled access.
Panels should be monitored for tampering and fitted with anti-tamper technology.
For efficient arming and disarming of the IDS, a remote arming station (reader/keypad) shall be located
in a secure area near to the main entry/exit door of each building with the relevant sensor shunted for a
variable time to allow for an activation/deactivation code to be entered.
The IDS reader/keypad shall include a duress code facility.
Each control panel shall have an inbuilt memory buffer that stores IDS alarm events, and each panel
must be earthed appropriately to avoid any false alarms due to power surges. Individual Intruder alarm
control panels must have a minimum of eight (8) hours of battery back-up to maintain full operation
during a prolonged power outage.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 7 OF 31 1
Where an alarm system is a critical element of protecting the building assets, then an uninterruptible
power supply (UPS), allowing the system to continue functioning for the time directed by local law
enforcement.
IDS Tamper Alarms
All IDS sensors, control panels, and cable containment shall have integrated tamper alarms, and all IDS
components must be installed so that they cannot be tampered with by the public both by design and by
accident. IDS cabling must also have a tamper circuit to detect if it is cut or short-circuited. The tamper
circuit must be active at all times.
IDS False Alarms Rate
The designer must consider the stability of the IDS and document the acceptable threshold for an
acceptable False Alarm Rate (FAR) that is suitable for its use at the specific facility, site, or building.
However, false alarms should be a rare occurrence to avoid unnecessary disruption.
At Restricted sites this rate must be below 1 event in every 30 days.
Detection Approach
The following detection approaches should be adopted.
Protection Group
Requirement
Restricted Perimeter IDS
Dual technology-based detection with verification cameras.
Restricted Critical Area IDS
Dual technology-based detection with verification cameras.
Restricted Supporting Area IDS
Single technology-based detection with verification cameras.
Enhanced Perimeter IDS
Single technology-based detection with verification cameras or
strong situational awareness with proactive monitoring.
Enhanced Critical Area IDS
Single technology-based detection with verification cameras.
Baseline Critical Area IDS
Single technology-based detection.
Reference Standards
The following standards should be used when developing the IDS design:
Standard
Description
PD 6662:2017 PD 6662
Scheme for the application of European Standards for intrusion
and hold-up alarm systems.
NACP 11
Supplementary Code of Practice for the Planning, Installation
and Maintenance of Intruder Alarms.
BS EN 50130-5
Alarm systems. Environmental test methods.
BS EN 50518
Monitoring and Alarm Receiving Centre.
BS 8243 + A1
Installation and configuration of intruder and hold-up alarm
systems designed to generate confirmed alarm conditions.
Code of practice.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 8 OF 31 1
Standard
Description
BS EN 50130-4 + A1
Alarm systems. Electromagnetic compatibility. Product family
standard: Immunity requirements for components of fire,
intruder, hold up, CCTV, access control and social alarm
systems.
BS EN 62676
Video surveillance systems for use in security applications.
BS EN 60839
Alarm and electronic security systems.
BS EN 50136
Alarm systems. Alarm transmission systems and equipment.
BS EN 50131
Alarm systems. Intrusion and hold-up systems.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 7 9 OF 31 1
A5: Duress Alarms
Overview
The primary objective of the duress and panic alarms in this standard are targeted to the protection of
people, assets, and sites.
While different types of devices shall feature unique buttons or layouts, the main idea is to have an
emergency button to press, a verbal duress phrase to transmit, or a duress action to demonstrate so
that security staff can observe and respond to people in emergencies.
Anyone responding to such alarms must be trained in security response policies and procedures.
It is expected that specified Restricted, and potentially Enhanced security sites, will provide an alarm
direct to the Police for an immediate, and potentially armed response. The sites that have this response
will be indicated to the designers by NEOM Public Safety Department when the Protection Group is
confirmed.
Duress Alarm
A duress alarm shall be an activation device placed covertly, but accessibly, which is intended for
security situations where silent notification is appropriate. Typical locations shall include critical
equipment areas, main reception areas within medical, educational, and government authorities’
buildings, as well as higher security financial and administration facilities.
Panic Alarm
A panic alarm shall be an activation device placed overtly and accessibly, intended for security
situations where silent notification is not required. For example, within The Spine rail stations these may
be provided via Help Points.
Considerations
Both duress and panic alarms are electronic devices that shall alert a monitoring station. Each alarm
shall initiate an appropriate response and shall take into consideration the following elements.
•
Layout and scope of the panic alarm and duress security system coverage.
•
Type of activation device (button, switch, keyboard, wireless push button, Kick bar and mobile GPS
unit).
•
Placement of activation device (under a desk, a computer icon, carried on a person, or fixed in the
public realm).
•
Integration with security and building management systems, for example, dynamic lockdown and
VSS.
•
Location and type of annunciation (local/remote and audio/visual).
•
Identification and availability of responders.
In general duress button activation either via the hardwired duress button or via the wireless
transmitters, a duress signal will be sent to the operators within the Security Control Room (SCR). The
duress signal should take precedence over all activities in the SCR. The security operatives will then
decide upon the action to take based on NEOM security response policies and procedures.
The following table provides some examples:
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 0 OF 31 1
Protection
Group
Restricted
Example
Device
Name
(Identifier)
Example
Purpose of
Sensor
(Cause)
Fixed Panic
Button
Under Desk
Wireless
Panic /
Duress
Device
carried by
staff inside
a building
possibly a
lone worker
Example
Type of
Alert
Example
Alert
Description
A deliberately
operated push
button, for
personal use in
an attack or
duress
situation, to
alert the
security control
room of an
attack situation
Hold Up
Attack –
Priority 1
Personal
Attack / Hold
Up
A wireless
Radio
Frequency
Identification
device (RFID)
carried by a
person as they
move around a
building
Suspicious
activity
observed,
i.e.
tailgating
Priority 2
Example
Response
Example procedures for
responding to panic and
duress alarm annunciation
summarised below:
SCR guards verify alarm and
record events using VSS
Summon police response
Contact on-call manager
Continue to report ongoing
activity to the police
Personal
response
required.
Use VSS to follow activity
Deploy external guard to
meet attending police
Record as panic or duress
incident
Acknowledge and once
actioned reset the system
Mobile
Panic /
Duress
Device
carried by
staff outside
of a
building,
i.e., a tour
guide
Performance Requirements
Duress alarms shall provide the following minimum requirements:
Fixed / Wired
•
•
•
•
•
Fixed duress buttons shall be deliberately operated devices requiring two separate actions
before activation.
Mechanical latching action released / reset by a key.
Metal-clad construction.
Normally closed contacts that shall open on activation.
For medical facilities and similar alert applications, a mushroom type push button is required.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 1 OF 31 1
Fixed / Mobile Wireless
•
•
•
•
•
Wireless devices shall provide intelligent location-based technology allowing for immediate
reporting of employees or assets on a web-based management reporting system optimised for
mobile and tablet devices.
Mobile duress devices shall use Bluetooth transmitters that repeatedly broadcast their
presence to other nearby Bluetooth detectors. Each beacon shall have its own Unique Identifier
(UUID) and when in range of a Bluetooth ‘detector’ it can recognise the specific UUID and
report its whereabouts in real-time onto either an online console or a mobile application.
Each duress device shall be capable of integration with Wi-Fi and other sensor technologies or
to be a completely standalone system resulting in a self-monitoring solution that can provide
SMS alerts to registered numbers that can also provide real-time location information to third
parties for use with security management applications and services.
Fixed and mobile devices are to be made of robust, durable, hardwearing, and waterproof
materials adaptable to their environment.
Panic buttons and duress alarm devices shall have a wide variety of mounting and enclosure
options, including devices that can be worn as wristbands and lanyards and devices that can
be attached to or easily associated with any existing employee identity or access control card.
Card reader duress options
Other duress options that the designer shall consider for each ACS reader shall include but are not
limited to the following:
•
Initiate Dynamic Lockdown if under duress.
•
Deny if under duress.
•
Inform SCR of duress incident at specific reader within a defined security zone.
Advisory Requirements
The design should also take into consideration the development of policies and related procedures
which clearly define the following:
•
Appropriate use of the system including how and when to activate the alarm as well as clearing the
alarm and resetting the alarm.
•
Response protocols (internal and external).
•
Preventive maintenance, inspection and testing of applicable devices.
•
Establishing interim procedures during system downtime.
Documenting system activations including:
•
Reporting of malfunctions or other maintenance issues immediately and addressing functional
issues promptly.
•
Reviewing the system on a regular basis as part of the security vulnerability assessment. The
system should be modified as needed based on evolving requirements or the mitigation of identified
risks.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 2 OF 31 1
Reference Standards
The following standards should be used when developing the Duress and Panic Alarm System design:
Standard
Description
BS EN 50131
Alarm Systems. Intrusion and hold-up sytems.
BS EN 50518
Monitoring and Alarm Receiving Centres.
PD 6662
Scheme for the application of European Standards for intruder
and Hold-Up Alarm systems.
PD 6669
Guidance for the Provision of Alarm Transmission Systems
(ATS).
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 3 OF 31 1
A6: Security Lighting
Overview
The primary desired security effect is in support of surveillance assets, be they technical or operational.
The illumination type must be suitable for the surveillance type being employed. i.e. Infra-Red (IR)
illumination may well be a good choice for camera systems, but if operational staff need to operate in the
same area this is unlikely to provide the levels of illumination for them to move safely and identify
intruders, damage etc.
Dark Skies Policy
NEOM is committed to the creation of Dark Skies Policies. Policies seek to reduce the amount of light
pollution emitted directly upward or reflected from the ground to the sky.
The requirement to reduce light pollution and save energy will present challenges to lighting designers
for security as they will need to consider the following:
•
Minimising visible light.
•
Moving towards motion detection activated illumination which may not be suitable for a number of
security applications.
•
The use of Passive Infra-Red activation measures where possible.
•
Directional design for visible light.
•
The use of surveillance technology that is not visible light dependent.
•
Use of the lowest level of lighting appropriate for the purpose and location of the lighting source.
Performance Requirements
General Functional Requirements
•
Preference should be given to the use of ambient light wherever possible, unless required to meet
specific security or safety requirements.
•
Each perimeter light shall be connected to a different ring main than the light adjacent to it.
•
Perimeter lights shall be powered by an emergency power generator in the event of power failure.
•
Each lighting fixture of perimeter lighting shall be protected by circuit breaker in a secure
compartment with a suitable lock.
•
The lighting controls shall be designed so the lights are energized prior to darkness, or during the
day, at a time suitable for the run-up period of the lamps used.
•
All switchgear controls and switches for security lighting shall be located in a locked and secure
facility.
•
All VSS cameras to incorporate infrared illumination so continuous visual band illumination will be
provided. This does not apply to thermal band cameras.
•
Energy efficient lighting should be used wherever possible.
•
The use of sodium lighting or ‘yellow light’ should be avoided as it does not provide an effective
colour rendition, either for the human eye or surveillance technology, as white light halogen or LED
lighting.
•
Provide uniform illumination to avoid the development of shadows or severe illumination contrasts.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 4 OF 31 1
•
Where lighting is used in the public realm, lighting should be used to support the hierarchy of
pathways. It should encourage the use of primary routes through well-lit pathways and discourage
routes without lighting or low levels of lighting (as per the below image). This is based on the
principle that the public will perceive a well-lit area to be safe and secure. As such the lighting
design should support those routes which do not increase the opportunity for criminality.
•
Lighting should be designed in such a manner as to minimise unwanted glare.
•
Lighting/illumination infrastructure should not cause other security concerns such as climbing aids
etc. In general, anything that could be classed as a climbing aid should be a minimum of 3.0m away
from anything be protected.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 5 OF 31 1
Perimeter Illumination
Perimeter illumination using visual band light should be considered as the exception and used only in
areas where its use is essential for supporting safe movement. Where visual band light is required the
following should be considered:
•
Fixed perimeters: Visible (i.e. non-IR) illumination of the perimeter should only be used where is
supports safe and effective working of the Guard Force. If there is no guard force, then the need for
constant illumination should be considered.
•
The illumination zone is a strip of 3.0m outward and 3.0m inward of the perimeter barrier or 3.0m
outwards of the building façade.
•
The lighting in all areas shall be designed so that it does not interfere with cameras and does not
intrude into the camera field of view to the extent that camera performance is affected.
•
At existing facilities, lighting output shall be measured and recorded. Measurements shall be taken 2
hours after local sunset. Shared fence lighting has special requirements for this measurement.
•
Lighting design for parking facilities shall be in accordance with IESNA RP-20.
•
If visual band light is required, then the following minimum should be achieved where only camera
usage is required:
o
Horizontal: 5 Lux minimum @ 100mm above ground level. Uniformity to be a minimum of 2:1
average to minimum.
o
Vertical: 2 Lux minimum @ 300mm above ground level and normal to the fence line.
o
The illumination should be present during all hours of darkness and should not be event
activated. Rather it should be activated through the use of a central switch(s).
o
If cameras are being used, then colour rendition of the light should be above 60.
o
Illumination should be provided to cover any vulnerable points.
Computer plotted prints shall be supplied with all security lighting proposals showing grid patterns and
calculations covering perimeter, area lighting at perimeter fences and shared fence lighting. Grid size on
the plotted points shall be based upon a grid of 10.0m square while a grid of 3.0mx3.0m shall be used
for perimeter lighting.
Average levels of lighting for security purposes where security personal movement occurs should be a
minimum of:
Location
Lux
Vehicle parks
10
Walkways
20
Stores and loading bays
100
Perimeter lighting shall illuminate the fence line and its surrounding area with the minimum light
levels specified in the below. Lighting along the fence line shall be uniform with all light
illumination overlapping adjacent light illumination.
Location
Lux
Fence +/- 1.0m
23
Fence +3.0m internally
20
Fence +10.0m externally
12
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 6 OF 31 1
This measurement shall be taken during fully dark time (2 hours after sunset) with existing
facility lights turned off. Higher lighting level should be added if required for surveillance
systems.
Public Spaces
Average levels of illuminance that should be considered for security purposes are:
Location
Lux
Pedestrian areas
20
Vehicle parks
10
Sports stadia and similar venues – minimum level for stands and exit areas.
30
Reference Standards
The following standards should be used when developing the Security Lighting design:
Standard
Description
Lighting Against Crime
ACPO Secured by Design 2011.
BS 5489-1
Code for the design of road lighting and public amenity areas.
BS 12665
Light and Lighting. Basic terms and criteria for specifying lighting
requirements.
BS EN13201-2
Road lighting performance requirements.
BS EN 62717
LED modules for general lighting.
BS EN 12464
Lighting of workplaces
BS EN 5266-1
Emergency Lighting Code of Practice for the emergency lighting of
premises.
Lighting Guide for the Built
Environment. Lighting Guide 6
The exterior environment. The Society of Lighting Professionals
part of the Chartered Institute of Building Services Engineers.
January 2016.
Guide to Limiting Obtrusive Light
The Society of Lighting Professionals part of the Chartered
Institute of Building Services Engineers. November 2012.
Guidance Note 01/20
Guidance Note for the reduction of obtrusive light. The Institution of
Lighting Professionals.
LG06/16
Chartered Institute of Building Services Engineers Lighting
Handbook (LG06 and LG15).
LG12
Lighting Guide 12 – Emergency Lighting.
Saudi Building Code SBC 401
Saudi Electrical Code.
SASO 2870/2015 Regulation
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 7 OF 31 1
A7: Cyber Security
‘An object-orientated model, where individuals, objects and assets interact within the security system,
and physical and cyber converge.’ NEOM Technical Strategies Report - Security
NEOM’s embrace of a fully converged system architecture, with all elements being treated as objects in
a virtual eco-system will attract both malicious and curious cyber activity. It is therefore essential that all
systems are cyber-secure and conform to minimum standards to avoid vulnerabilities within the ecosystem architecture.
The sequence and frequency of Identification, Authentication, Re-authentication and Authorization
(IARA) is a key element of the cyber-physical convergence. Therefore, systems should be designed with
this criterion in mind.
This section introduces the underpinning generic requirements, and the NEOM Cyber Security Lead
should be consulted for more detailed considerations, along with complying with the security system
cyber security requirements defined by the NEOM IT and Cyber Security Teams.
For specific systems, the designer may be requested to complete a specific cyber-security risk
assessment to understand fully the threat vectors applicable and therefore the additional cyber-security
measures that will need to be included in the system design. Consideration must be given to hardware
middleware and software for control systems and security systems.
Cyber Security measures shall be the final part of a Plan-Design-Check-Act (PDCA) approach to threat
management of a converged physical, technical and logical network and physical security network
designers and operators shall utilise the PDCA cycle to evidence how cyber-security has been
evaluated in their design process. This should include a simple topology schematic showing system and
object connectivity that will be enabled.
The overarching tenet being that all systems should be designed with cyber-engineering
inherently considered, so that each system/object is considered ‘hardened’ against cyber, virtual
and logical threats.
As a baseline, all systems should be compliant with the:
•
NEOM Information Security Policy: CS_GRC_Pol_102.
•
KSA National Cyber Centre requirements.
•
ISO27001.
All systems should be able to evidence an appropriate cyber-secure engineered standard, such as the
UK Cyber Essentials Plus scheme or equivalent.
Control and safety systems are more likely to operate under regimes determined by the IEC 615082 and
ISA/IEC 624433 standards.
Physical Design Considerations
Physical security and resilience of networks and infrastructure are key to maintaining availability of the
systems.
Security Assets shall have dedicated duct(s) and Fiber Optic Cable(s).
The LAN deployed for security shall be dedicated to security systems and designated as security
network (SECNET).
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 8 OF 31 1
SECNET shall be implemented with redundant, physically discrete networks.
SECNET cabling shall be physically installed in separate discrete physical ducts or sub-ducts,from other
facility's cabling.
All security devices, except field devices, with LAN connectivity requirements shall have two, physically
discrete, network connections and shall automatically connect to the active LAN.
SECNET shall have a dedicated router/switch to connect to a backbone or public network.
It is key that measures are taken at each facility and site to ensure that a local vulnerability does not
exist, and that a cascading vulnerability does not develop through the City eco-system. i.e. the
downstream and upstream effects of their network, infrastructure and information.
The information held by each system should be prepared at each design stage to evidence that this has
been considered and that adequate information security is planned.
The following physical measures shall be implemented to mitigate or reduce the potential likelihood and
impact of cyber security threats. These measures shall be applied by the designers for the following.
Protection Group
Restricted
Enhanced
Baseline
Core Network Physical
Security
Resilience of Infrastructure
Core network hardware to be within
electronically access controlled
equipment room.
Fault-tolerant architecture with
redundant capacity systems and
multiple distribution paths.
Secure Configuration
The following functional components of secure configuration shall be implemented during design and
operation of any system:
•
Physical Security – this includes access to physical ports, removable media, debug interfaces,
tamper-protection boundary and resistance to attacks such as loss of power. The product may
consist of some elements that are deployed in a non-secure area and other elements that are
deployed in a secure area or secure enclave – these may have different requirements.
•
Secure Configuration – the product must follow NEOM’s Cyber Policy with controls over who can
change configurations.
•
Network Security – the product will consist of elements that need to communicate with each other or
to other systems. There must be controls on all pathways and objects suitable to the accessibility
and potential vulnerability associated with each.
•
Authentication management (Access Privileges) – use of Multi Factor Authentication (MFA) where
necessary as dictated by the protection group and the system criticality or information holding, with
unique credentials for each individual user, with privileges based on Need for Access and not on
seniority.
•
Monitoring – systems should be engineered to monitor for potential breaches and rules-based
violations.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 8 9 OF 31 1
Cyber Audit Requirements
Unless superseded by the aforementioned policies and standards, the following activities are required to
be completed at least annually by the facility operator and its staff:
•
Review of cybersecurity management policy and procedures.
•
Review and updating of the site/facility cybersecurity risk assessment.
•
Review the cybersecurity incident response plan.
•
Undertake an incident response exercise.
•
All staff to undertake cybersecurity awareness and training.
Reference Standards
The following standards should be used when developing the Cyber Security design:
Standard
Description
CS_GRC-Pol_101
NEOM Information Security Policy Summary
CS_GRC-Pol_102
NEOM Information Security Policy
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 0 OF 31 1
A8: Perimeter Security Barriers and Entry Points
The following section sets out design requirements for the use of pedestrian barriers at site and
facility perimeters within NEOM. Where perimeter barrier systems will form the most visible part of any
of the security systems within the built environment it is critical that they are developed in a way that
supports both the security need and the aesthetics of where they are required in NEOM.
It is expected that perimeter barrier systems will be included by exception on non-industrial sites
within NEOM. Their use will be indicated through the Security Threat and Risk Assessment.
The following should also be used as an outline guide:
•
Restricted – Site perimeter security treatment to deter trespass and site incursions. It is expected
that critical or important buildings and infrastructure will have further layers of protection.
•
Enhanced – Perimeter security treatment will be provided at the site perimeter and/or building
perimeter, whichever is most appropriate for the location.
•
Baseline – Perimeter security treatment will be provided at the building fabric level, unless
outdoor storage is required, then it will be provided at the site perimeter.
Designers should take into account the overall security effect they are trying to achieve and ensure
that measures are effectively integrated into the wider technological and operational security
provision. This also allows that the overall security effect can be built-up over a number of elements or
layers if appropriate.
Wherever possible, landscaped or a designed barrier that supports the local architecture is preferred,
assuming that a similar and demonstratable security effect is achieved.
Overview
The following design considerations should be made:
•
Are pedestrian barriers appropriate for this asset and location. Or is detection better?
•
Can the building line act as an effective perimeter to what is being protected?
•
What is the overall delay effect that is desired? Can this be achieved through other security
measures?
•
What is the criticality of the assets to be protected, and is a local level of protection close to the
asset more appropriate?
•
If free public access is required, does a barrier system actually provide any security?
•
Is there an equivalent design feature that would fit better with the local environment?
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 1 OF 31 1
For lower security sites, the emphasis should be on utilising measures to support territorial
demarcation that reinforces an implicit understanding of space and when individuals move between
public and private space. This should be clearly detailed in the CPTED development for the
site/facility.
Higher security locations that require a barrier system should be considered in two categories:
•
Those with a highly visual presence or adjacent to high footfall areas. The design aesthetic will be
more important in these locations and a bespoke design option may be required.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 2 OF 31 1
•
More remote locations with low footfall. These should adopt a more traditional perimeter approach
based upon security fencing, walls, or other type of barrier
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 3 OF 31 1
Primary Functions
The primary functions of pedestrian barriers within NEOM are as follows:
•
To delineate between public and private spaces and provide stand-off range where required to
critical elements of a facility or site.
•
To provide an obstacle against hostile intrusion into restricted or private spaces.
•
To provide an increased time delay that will restrict an attacker’s ability to penetrate a defensive
perimeter.
•
To provide resistance against burrowing, scaling, or penetration of a barrier system.
•
To allow for the authorised access of people and vehicles at designated perimeter locations
where required.
•
To act as a host for other security detection equipment such as VSS, IDS and security lighting.
•
To provide privacy screening of the location, if required and in conjunction with either solid panels
or coverings.
Pedestrian Barrier Example
The following images (see following page) and infographics provide the base standard for a 3.0m high
weld-mesh security fence that should be used where a security fence is unavoidable or is warranted
by the STRA.
For non-industrial or non-specialist applications the fence will be:
•
A minimum of 3.0m above finished ground level.
•
Follow ground contours to provide the minimum height at all points.
•
Gates will provide the same level of delay.
•
Be made from weld-mesh with a mesh size of 75mm x 12.5mm.
•
Not incorporate anti climb toppings or barbed tape coils unless a clearly identified need is shown
via the STRA.
Further specification can be found in BS1722: Part 14 which provides details on:
•
General purpose fences.
•
Boundary and perimeter fences.
•
Security fences.
•
High security fences.
Gatehouses and Formal Entry Points
The following are the requirements for each of the Protection Groups.
All Groups:
The roadway approaching a gatehouse shall have a chicane or zigzag design to retard the speed of
incoming vehicles. This may be augmented by additional speed retardation devices and designs if so
required by the proponent. A 90-degree turn leading to the gatehouse shall be an acceptable
alternative to a chicane.
•
The approach to the gatehouse after the chicane/speed control devices shall be no longer than
50.0m in order to minimize the distance the vehicle has available to accelerate to the gatehouse.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 4 OF 31 1
•
The sides of the roadway in the chicane shall have barriers that shall prevent a vehicle from
driving or cutting across the chicane.
•
Each lane in the gatehouse inspection area shall have medians separating each lane of traffic.
The medians shall be sized to allow installation of lane equipment and permit a safe area for
security personnel to stand on. The height and width of the median shall be sized as needed for
safe operation. The width shall not be less than 800mm.
•
The gatehouse should be in front of the facilities and exactly at the center of the entry, between
the entrance and exit lanes.
•
An audible and visual alarm shall be provided that is activated via pushbutton in the gatehouse
during an emergency. The pushbutton shall be protected against accidental activation but shall
not be locked at any time. The audio alarm shall be audible to all personnel in the gate area and
the visual alarm shall be placed in multiple locations to ensure clear visibility to all personnel in
the gate area. Once alarm is activated, it shall annunciate an alarm at the SCR.
•
Only security devices that require security personnel interaction or review shall be installed in the
gatehouse. The gatehouse may not be used for installation of other support and infrastructure that
are not directly required for security.
•
While the gatehouse may be used to display alarms for specified security related activities at the
gate, it may not be used for SCR functions, unless specifically identified and recommended in the
STRA.
•
A rejection U-turn lane shall be provided for vehicles denied access shall be able to turn around
without entering the facility. The rejection lane turning radius shall be sized for the largest vehicle
expected to enter the facility. The rejection lane/turning point shall be located before the
gatehouse.
•
Each entry and exit lane shall have a clearly visible traffic light type setup that will inform users
from a distance if a lane is operational or closed.
•
All lanes and traffic flow directions shall be clearly marked on the roadway.
•
Roadway containment in the access control and inspection area shall prevent inbound vehicles
from unauthorized access and shall extend from the inspection area to the end of the Response
Zone.
•
The containment shall consist of passive barriers on either side of the roadway that shall deny a
vehicle entry to the facility until the end of the Response Zone.
Protection Group
Requirement
Baseline
•
Preferred automated entry points where practicable.
•
Vehicle control barriers to be installed across all lanes for traffic control.
•
Emergency gates to be included where required by the emergency services or
site evacuation plan. All to be covered by VSS and ability to be lit to provide
adequate task lighting at a nominal 100 Lux.
•
All gates should be fully closeable to the same standard as the surrounding
perimeter barriers. These should be lockable to provide the same level of
delay as a cutting attack on the perimeter barrier.
•
If a staffed entry point is required, then a gatehouse should be provided sized
to incorporate the activities required at that point. At least one form of
communication should be provided to a supporting SCR or response point.
•
Preferred automated entry points where practicable.
•
Vehicle control barriers to be installed across all lanes for traffic control.
•
Emergency gates to be included where required by the emergency services or
site evacuation plan. All to be covered by VSS and ability to be lit to provide
adequate task lighting at a nominal 100 Lux.
Enhanced
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 5 OF 31 1
Protection Group
Requirement
•
All gates should be fully closeable to the same standard as the surrounding
perimeter barriers. These should be lockable to provide the same level of
delay as a cutting attack on the perimeter barrier.
•
Vehicle Control Barriers:
•
•
o
Vehicle speed reduction measures should be incorporated on the
approach to any gate that reduces the achievable speed at the gate line
to 48kph for a 7,200kg (N2/N3C under IWA-14).
o
Vehicle control barriers should be provided on each lane at the gate line
to help position vehicles trying to gain entry.
o
VSBs only need to be incorporated at the gate line where a need has
been identified during the STRA process.
Gatehouse Protection:
o
If not reinforced concrete, a vehicle impact barrier should cover the full
width of the attack face of the gatehouse. (IWA-14)
o
Ballistic protection for glazing, doors and walls to conform with a level of
protection at FB/BR6 + SG2.
o
Entry doors to be placed on facades 90o away from the vehicle lanes.
o
Gatehouse structure to protect against a PBIED attack.
Systems:
o
o
o
o
All security and life support systems to be on UPS.
Duress alarms to be provided.
At least 2 diverse communication methods.
Doors to the non-public areas of the gatehouse should be access
controlled using dual factor authentication.
The activity area and façade of the gatehouse should be covered by
VSS with min. image resolution 125ppm.
o
•
•
Gatehouse Sizing:
o
Sized to the activities to be undertaken at the location.
o
In-house welfare facilities to be provided.
o
Sun shading to be provided to support any external activities. The sun
shades should be installed above 5.5m in height to allow the full range of
vehicles entry to the site.
o
360o visibility should be provided for the gatehouse.
o
Two parking bays should be provided for facility security vehicles.
o
Adequate vehicle parking spaces shall be provided to allow parking of
gate personnel and visitors without obstructing traffic flow.
o
Five visitor parking bays should be provided outside of any VSB lines.
o
If a visitor centre is required, it shall be adjacent to the gatehouse.
o
Rejection lanes are to be provided without vehicles needing to traverse
any VSB lines.
Pedestrian Entry Points:
o
Restricted
To be positioned within 10.0m of the gatehouse and be covered by VSS
to an image quality to 250ppm.
•
Preferred automated entry points where practicable.
•
Vehicle control barriers to be installed across all lanes for traffic control.
•
Emergency gates to be included where required by the emergency services or
site evacuation plan. All to be covered by VSS and ability to be lit to provide
adequate task lighting at a nominal 100 Lux.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 6 OF 31 1
Protection Group
Requirement
•
All gates should be fully closeable to the same standard as the surrounding
perimeter barriers. These should be lockable to provide the same level of
delay as a cutting attack on the perimeter barrier.
•
VSBs:
•
•
•
•
o
Vehicle speed reduction measures should be incorporated on the
approach to any gate that reduces the achievable speed at the gate line
to 48kph for a 7,200kg (N2/N3C under IWA-14) where a full VSB
perimeter is to be installed.
o
Vehicle speed reduction for sites that provide VSB at critical points of the
site, but not a full perimeter, should achieve speed management to those
measures not the gate line.
o
VSB barrier controls should be adequately protected with equipment
cabinets in a protected area or in an internal equipment room as part of
the gatehouse.
Gatehouse Protection:
o
If not reinforced concrete, a vehicle impact barrier should cover the full
width of the attack face of the gatehouse. (IWA-14)
o
Ballistic protection for glazing, doors and walls to conform with a level of
protection at FB/BR6 + SG2.
o
Entry doors to be placed on facades 90o away from the vehicle lanes.
o
Gatehouse structure to protect against a PBIED attack.
Systems:
o
All security and life support systems to be on UPS.
o
Duress alarms to be provided.
o
At least 2 diverse communication methods.
o
Doors to the non-public areas of the gatehouse should be access
controlled using dual factor authentication.
o
The activity area and façade of the gatehouse should be covered by VSS
with min. image resolution 125ppm.
o
Under-Vehicle Imaging System is to be employed on all incoming lanes.
Gatehouse Sizing:
o
Sized to the activities to be undertaken at the location.
o
In-house welfare facilities to be provided.
o
Sun shading to be provided to support any external activities. The sun
shades should be installed above 5.5m in height to allow the full range of
vehicles entry to the site.
o
360o visibility should be provided for the gatehouse.
o
Two parking bays should be provided for facility security vehicles.
o
Adequate vehicle parking spaces shall be provided to allow parking of
gate personnel and visitors without obstructing traffic flow.
o
Five visitor parking bays should be provided outside of any VSB lines.
o
If a visitor center is required, it shall be adjacent to the gatehouse.
o
Rejection lanes are to be provided without vehicles needing to traverse
any VSB lines.
Pedestrian Entry Points:
o
To be positioned within 10.0m of the gatehouse and be covered by VSS
to an image quality to 250ppm.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 7 OF 31 1
Reference Standards
The following standard should be used when developing the security rated pedestrian barrier system
design:
Standard
Description
BS 1722 – Part 1 to Part 18
Fences.
LPS 1175 – Issue 8
LPS1175 focusses on the physical security of ‘intruder resistant
building components’, which includes strong-points, security
enclosures, free-standing barriers, and any products that fall within
those categories, such as doors, shutters or fencing.
Crime Prevention Through Environmental
Design
Crime Prevention Through Environmental Design (CPTED) is
defined as a multi-disciplinary approach for reducing crime
through urban and environmental design and the management
and use of built environments.
Secured by Design 2019 UK
SBD is a police initiative that improves the security of buildings
and their immediate surroundings to provide safe places to live,
work, shop, and visit.
UFC 4-022-03
Uniform Facility Codes Security Fences and Gates.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest
revision.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 8 OF 31 1
High Security Fence – Elevation
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 9 9 OF 31 1
High Security Fence – Minimum Performance Requirements
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 00 OF 3 11
A9: Vehicle Security Barriers
Overview
This section applies to any location with a Protection Group of Restricted or the site-specific Threat and
Risk Assessment identifies a need for the protection of people against a hostile vehicle threat, whether
that be a Vehicle As a Weapon (VAW) attack or a Vehicle-Borne IED.
Whilst many of the NEOM vehicles are set to be automated and driverless, the need for Hostile Vehicle
Mitigation (HVM) may remain in locations where standard vehicles could gain access. This is likely to be
the case for the NEOM Industrial City due to the Port and also any facilities that can be accessed from
highways and roads through the region.
Key considerations for the designer when designing an appropriate HVM scheme is in relation to:
•
The level of threat and identified threat methodology.
•
The expected performance requirements of HVM protection measures.
•
The likely throughput if the measures are active and need to all authorised vehicle movement.
•
Integration with intended architectural design of locations.
The designer should design HVM measures to complement their surrounding whilst still maintaining a
certified level of impact protection.
More obtrusive and standard HVM design approaches should be reserved for industrial sites with limited
public footfall where the aesthetic is less of a concern.
The Design Process
For the successful design of a HVM scheme, a multi-stage process is required in order to develop the
relevant performance requirements, through a well-defined Operational Requirement (OR). The OR
process is robust and will illustrate the relevant factors in selecting the right scheme, rather than a
blanket application of Vehicle Security Barriers (VSBs).
The following image highlights the design steps and design considerations that should be considered
through the various design stages by the designer for an HVM scheme, if required.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 01 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 02 OF 3 11
Threat
There are two vehicular based threat types to be considered. Dependent upon the assessed threat type
and level, the designer should select an applicable mitigation strategy, summarised in the later sections.
•
Vehicle As a Weapon (VAW) – the use of a hostile vehicle to target Crowded Place, as part of a
crude and simplistic attack methodology. Pedestrians are targeted by driving a vehicle at crowds
with the intent of killing and injuring multiple casualties.
•
Vehicle-Borne Improvised Explosive Device (VBIED) – the use of a vehicle to store, carry and
ultimately detonate an explosive load against an identified target.
Further to the potential vehicular terrorist threat types, there are a number of methodologies that should
be considered as defined in the following matrix. All applicable options should be considered as part of
the OR process.
Attack Methodology
Designer Consideration
Parked – a parked VBIED device is left adjacent to a target
and detonated.
•
Enforce stand-off.
•
Detection of suspicious vehicles.
Encroachment – a vehicle encroaches beyond a site
perimeter where protection provides exploitable gap or a
hostile vehicle 'tailgates' behind an authorised vehicle.
•
VSB protection to disable hostile vehicle
upon impact.
•
HVM scheme designed in line with design
/ installation requirements.
•
Tiger trap system for critical asset.
Penetrative – vehicle speed is built up to allow a hostile
vehicle to breach a site perimeter and target an asset.
•
VSB protection to disable hostile vehicle
upon impact.
Deception – deception focuses upon gaining unauthorised
access beyond a secure perimeter through pretence or
stolen access credentials.
•
Secure access control system.
•
Authentication and Verification for
access.
Duress – an attack is facilitated by placing somebody under
duress to gain access beyond a secure perimeter.
•
Duress detection.
•
Multi-layered defence.
•
Tiger trap system.
Insider – a person with legitimate access facilitates an attack
by operating the security protective measures, providing
access for the hostile attacker.
•
Staff vetting.
•
Insider threat mitigation.
•
Multi-layered defence.
Tamper / Sabotage – the attacker disables or weakens the
security protective system prior to an attack. This may be a
physical or cyber-attack on automatically controlled
measures, to undermine their protective ability.
•
Visual surveillance.
•
Regular maintenance / inspection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 03 OF 3 11
Vehicle Dynamics Assessment
As part of the OR process, a Vehicle Dynamics Assessment (VDA) should be conducted to understand
the impact classification requirements for any required VSBs.
Firstly, the designer should select the relevant risk-based threat vehicle for assessment, from the IWA14 vehicle classification types. It is recommended that the default is a N2 or N3C vehicle type.
Where a very clear threat is present, then larger vehicle types may need to be considered.
It should be noted that the threat vehicles do not cover construction equipment. If this is considered a
threat, then a pure VSB solution is unlikely to be successful without operational measures also.
The VDA should account for the total approach speed along an assessed attack path. This should be
calculated based upon the threat vehicles acceleration and cornering speeds along the vehicle swept
path.
The designer should remember that standard ‘rules of the road’ do not apply so any possible means of
approach is credible. The attacker will likely mount footpaths, enter pedestrianized zones and ignore
road signs, with the potential to traverse over large open spaces such as parks.
An example VDA is provided below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 04 OF 3 11
The VDA impact speed provides an impact classification. An example impact classification is as follows.
It should be noted that some classification schemes will not provide a Dispersion of Major Debris
distance.
Applicable VSB measures should be selected based upon the calculated impact classification and their
intended placement and any throughput requirements for vehicles or pedestrians.
Design Approach
The design approach must be based upon the threat being mitigated.
Vehicle as a Weapon Attacks
The protection scheme should look to achieve the following aims in descending order:
•
Prevent vehicles entering the area to be protected through a denial scheme.
•
Provide a scheme that restricts easy or fast movement of vehicles into the protected space.
•
Provides a visual deterrence to vehicle attacks.
•
Provides early warning of an attack through noise or disturbance to allow people sufficient time to
move away from potential danger.
Vehicle Borne IED
Creation of Stand-off
Enforcement of stand-off is the key mitigation approach that should be adopted.
Protection Group
Stand-Off Required
Restricted – Critical Assets
45.0m
Restricted – Other Assets
25.0m
Enhanced – Critical Assets
25.0m
Additional blast mitigation measures (i.e. façade / glazing / structural design enhancement) may be
needed where stand-off is limited.
Stand-off must be enforced with impact tested and certified VSBs, with their impact rating at least
equivalent to the highest speed attainable in that location based on the VDA.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 05 OF 3 11
Attack Speed
When designing the object or surrounding approaches, there may be opportunity to limit potential attack
speeds. This reduces target attractiveness with a reduced potential impact from a VAW perspective and
reduced vehicular penetration if considering a VBIED attack.
As illustrated by a VDA, potential vehicle attack speed can be limited where there are a number of tight
radius turns. Therefore, the following principles can reduce the potential attack speed:
•
The approach roads to an object requiring HVM protection should be designed as to not allow for
direct straight approaches.
•
Direct approaches should not lead directly into an object opening, i.e. lobby area.
•
Chicanes can be inbuilt where it is desirable to further reduce attack speeds.
Visual Deterrence
A visual deterrence scheme can reduce the likelihood for attack by dissuading the potential attacker that
their attempt would be successful. This is based on the attacker wanting to avoid any substantial
obstacle.
However, it is important that the designer recognises, that residual risk remains in that a visual
deterrence scheme does not prevent a determined hostile attacker.
A visual deterrence scheme may be suitable in locations where there is a reduced risk of a vehicular
attack, but still some potential for attractiveness as a target, e.g. small crowds. Visual deterrence would
be particularly useful at large public open sites where rated VSB may not be proportionate to the threat.
Visual street furniture could be used in an architecturally supporting manner, with opportunity for design
creativity. Typical measures may include.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 06 OF 3 11
A successful visual deterrence scheme will reflect the following design principles:
•
Spaced at maximum distances of 1,200 mm from the hardened edge of structure, as to not provide
for large attractive gaps in protection.
•
Utilising substantial measures, i.e. height, mass, depth, to provide for greater visual deterrence.
•
Using robust materials, i.e. concrete planters to provide for enhanced visual deterrence.
The designer is reminded that the use of visual deterrence measures should only be used in low-risk
environments or in support of a rated VSB protective scheme, due to the fact that they are not impact
rated.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 07 OF 3 11
Vehicle Denial
If vehicle denial is required protecting crowded place against a VAW attack, or for enforcing stand-off
against a VBIED threat, then the design approach taken should successfully disable a hostile vehicle in
the event of impact.
Denial can be achieved through a number of approaches including:
•
Using standard VSB products certified to IWA-14.
•
Constructed defences.
•
Landscaped solutions.
Standard VSBs
A large range of VSB products are available, which are certified to IWA-14: 2013 – Vehicle Security
Barriers to disable a hostile vehicle, as specified by their impact rating.
It is vital that all HVM elements conform to the following principles:
•
The maximum air gap between the hardened core of adjacent VSBs is 1,200mm.
•
The 1,200mm air gap is measured between structural elements at a height of 600mm above ground.
•
The minimum height for vertical fixed structure is >600mm, assuming a vertical attack face.
However, increased height above 500mm will give greater visual deterrence and is likely to reduce
any potential penetration distances.
•
It should be noted that bollards must be to the tested height specific to each manufacturer; this is
generally in the region of 900 – 1,000mm from finished ground level.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 08 OF 3 11
VSB Type
Example Measure
Bollards
Static, retractable,
sliding, folding,
removable.
Blockers
Rising.
Gates
Swing, sliding, rising
arm barrier.
DOCUMENT CODE: NEOM-NSE-PRC-001
Typical Image
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 09 OF 3 11
VSB Type
Example Measure
Perimeter Barriers
Rope system,
planters, fences /
barriers.
Typical Image
The exact type of required measure should be specified by the OR process. For instance, if authorised
access for vehicles is required then some form of active measure is needed.
When selecting products, the designer should consider as a minimum:
•
Available foundation depths.
•
Static or active requirement.
•
Operational overlay i.e. automated, manual.
•
Expected throughput usage.
•
Aesthetics.
•
Suitability of the measure type to meet the VDA impact speeds.
•
Allowable penetration past the VSB.
•
Environmental conditions where the measures will be installed.
Constructed Defence
Where VSBs may not be suitable, constructed obstacles such as walls should be used to disable a
hostile vehicle in the event of impact. However, the constructed defence must be able to mitigate the
impact forces of a hostile vehicle. In most cases they will be best achieved through using a rated VSB
base measure and constructing a structure around it. The structure should not be overly rigid as to
prevent engagement with the VSB, or potentially form ‘a ramp’ to by-pass the location.
Where a VSB is not incorporated, the measures will not be impact rated as a tested measure but may
still be proportional to the threat if only deterrent measures are warranted.
A key example of this would be a wall system for e.g. a protected residence. This would be constructed
from substantial materials with a depth that would prevent hostile vehicle incursion. The defence of such
wall system could also be designed as to provide resistance against the effects of blast, or with added
structural resistance, e.g. using a Bi-Steel section to form the base section of the wall.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 10 OF 3 11
The principles to be followed are:
•
Be a minimum of 650mm height.
•
Be a minimum of 500mm in depth.
•
Be constructed of sufficiently robust and dense material e.g. reinforced concrete with extensive face
to face reinforcement.
•
Have a continuous foundation that allows the wall to act as one element and thus dissipate forces
better.
•
Be suitable for the ground conditions, such that there is no degradation of the foundation or wall
alignment over time.
Landscaped Features
Landscaped features will be important in the case of NEOM in separating areas of autonomous vehicles,
from people and where non-autonomous vehicles are in operation.
Landscaping as an HVM approach is also far more visually appealing, as well as cost effective over long
distances, and should be favoured over VSB measures by the designer where practicable. However,
landscaped measures do require maintenance to remain effective and this should be taken into account
by the designer when selecting their approach.
Bunds / Berm
Naturally formed barriers can provide vehicle denial as part of a secure perimeter, when meeting certain
requirements for installation. Bunds provide a sufficient obstacle when a tall enough obstacle, with a
sufficient angle on the attack face is installed.
Bunds can be enhanced when constructed using geo-textile VSB measures, which will also maintain the
shape of the measure over a period of time.
The designer should ensure that the bund:
•
Has an approach angle >50°.
•
A vertical height of at least 1,250mm.
•
A break-over angle of <130°.
Ditches
Ditches deny vehicle movement when a sufficiently wide and deep enough ditch is introduced. Ditches
must be maintained to be effective and therefore may not be suitable for all locations or threat vehicles.
The designer should not rely on information of dimensions and attacks speeds in this document and
must complete their own calculations and design.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 11 OF 3 11
The designer should consider a 4x4 vehicle’s capabilities in the design of an HVM ditch, as this vehicle
is most equipped to overcome it.
The typical ditch dimensions based upon the assessed impact speed are as outlined below.
Approach Speed
(Kph)
W = Minimum Ditch
Width
32
3.0
48
4.0
64
5.0
B = Back Face (˚)
D = Depth (M)
>50˚
>1.25
It is incumbent upon the designer to verify the dimensions for their specific use case.
Vehicle Access Control Points
At any location where an authorised vehicle requires access beyond a secure perimeter line, a Vehicle
Access Control Point will be required. This is typically needed at site perimeter entrances such the
airport airside perimeter, or at the Hydrogen Plant site boundary.
The designer must carefully consider the necessary access requirements, with consideration for:
•
How will active measures be operated?
•
What authentication is required to ensure only authorised vehicles and occupants have access?
•
How frequently will vehicle access be required?
•
Are there are any conditions of entry, i.e. vehicle search?
As part of the Concept of Operations, a detailed operational strategy should be provided for VACP
operations. An example of the outline operation is provided below.
The designer should be aware of the supporting infrastructure required at VACPs including:
•
Vehicle rejection capability.
•
Operational staff and welfare facilities.
•
Active barrier safety requirements e.g. safety sensors.
•
Video Surveillance coverage.
•
Other security systems.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 12 OF 3 11
Also refer to the Perimeter Security Section where gatehouses are required.
Example for Day to Day Operations
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 13 OF 3 11
Reference Standards
The following standard should be used when developing the Vehicle Security Barrier design:
Standard
Description
ISO IWA 14
Vehicle Security Barriers.
BSI PAS 170-1
Vehicle Impact – Low Speed Impact Testing.
CWA 16221
Vehicle security barriers. Performance requirements, test methods
and guidance on application.
ASTM F2656 / F2656M - 18
Test method that provides a structured procedure to establish a
penetration rating for vehicle perimeter barriers subjected to a
vehicle impact.
KSA Ministry of Interior HCIS Security
Directives Sec 06 4.3.3 for crash barriers
Defines level of protection required for facilities across Saudi
Arabia- specifically the standard required for crash barriers.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 14 OF 3 11
A10: Counter-Unmanned Aerial Systems
Overview
This section defines the requirements for Counter- Unmanned Aerial Systems (C-UAS), sometimes
referred to as Counter-Drone Systems. Whilst there have been incidents of hostile UAS in KSA, these
are currently infrequent and have been targeted against Royal, Government or Iconic locations, and
therefore it is prudent to plan a level of detection and protection.
However, due to the extensive range of UAS there will be a Regional level approach as well as any
localised requirements. The designer must consider the following threat options for UAS, and whether
they will apply to the facility, site or building they are designing.
•
A weaponised UAS attack – Likely to affect Royal residences and important Government
buildings.
•
Disruption of normal activity – Likely at locations where safety would be affected, such as the
airport.
•
UAS information collection – Likely for research facilities and flagship technology buildings.
The text, in terms of security effect, refers to a DTIE approach:
•
D – Detection.
•
T – Tracking.
•
I – Identification.
•
E – Effect.
C-UAS should be considered for Protection Group Restricted sites.
Where the vulnerability cannot be designed out, then a DTIE system should be designed.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 15 OF 3 11
Threat
The C-UAS function will provide mitigation against threats identified within the Design Basis Threat,
and specifically will reduce the impact against those threats highlighted in Overview Section. As UAS
threats, in general, are a potentially growing concern, further detail has been included below in the
Threat Overview.
Threat Overview
UAS present a number of key threats to the safety and security of NEOM. This is an emerging threat
with an increased use of UAS for criminal and extremist purposes seen globally. This has been
enhanced particularly with the growing capabilities of UAS such as increased flight times, payload
capacity and autonomous flight modes. UAS can support both criminal and extremist motivations or
be linked to intended nuisance attacks.
UAS have a variety of different forms from quad-copters to fixed-wing systems, however they can be
categorised into two primary categories:
•
Hobbyist: Readily available UAS with a low cost, typically with a payload capacity up to 20kg and
flight time up to 40 minutes.
•
Commercial: Bespoke and high cost UAS with upgraded capability including payload capacity,
flight time and technological components.
The varying capabilities of UAS determine the potential impact of a propagated UAS threat.
These can be broken down into kinetic and non-kinetic threats.
Kinetic threat types include:
•
Delivery of explosive payload i.e. mortar, IED, grenade.
•
Direct impact of UAS into person, object, or network function in order to cause damage or
disruption.
Non-kinetic threat types include:
•
Dispersal of CBRN agents.
•
First-person view surveillance.
•
Espionage and hostile reconnaissance.
•
Protest; carrying or dispersal of protest materials.
•
Protest; interruption of network capabilities.
•
Information theft i.e. WIFI capture, electronic jamming, signals collection.
The threats posed by UAS are set to increase as the capability of the available systems are
developed. If your design is required to take account of UAS threats, the above threat types must be
graded in your specific Threat and Risk Assessment.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 16 OF 3 11
Performance Requirements / Design Requirements
The C-UAS response will mitigate the effect of UAS through an approach of Detection, Tracking and
Identification of a hostile UAS, and application of the relevant security Effect to disable or disrupt the
UAS. This is known as a DTIE system.
Where the designer includes a C-UAS, then a concept of operations, including the response/effect
element of the DTIE system needs to be described. In certain cases, the E function will not be within
the designer’s remit, and in this scenario, the use of the DTI system needs to be clearly articulated.
Design Considerations:
The following design considerations must be taken into account:
•
Always first, is a C-UAS necessary or warranted based on the threat and risk assessment
completed by the designer.
•
Such systems, where warranted, should be discussed with NEOM Security Department prior to
any design work being undertaken.
•
Could the vulnerability to the protected assets be designed out, negating the need for a C-UAS
system?
•
Can cover from view be part of the design approach?
•
Can assets be concealed or disguised to prevent their easy recognition?
•
Will the system negatively affect neighbouring sites or operations?
•
Can a local physical barrier be put in place to protect the asset?
•
If protecting sensitive information, can obscuration films, placement away from window areas etc
be used to deny access to it?
•
Will the use of an Effect system represent an increased risk to life safety or other assets if
enacted?
•
Where located in an urban environment, would a C-UAS system offer any benefit due to the short
detection ranges and response times available?
•
Any system should not have a detrimental effect on other communications and signals.
Detection
The C-UAS should have a capability to sense the presence of unexpected objects within the specified
area of interest. Design consideration should be given to what is being protected and how time critical
the protected asset is, and thus define early warning requirements for detection of a UAS.
The detection capability of the UAS should:
•
Have a high detection rate for both hobbyist and commercial drones across a range of altitudes.
•
Ability to detect and track multiple targets.
•
Have a maximum detection time of 30 seconds after UAS launch within the system detection
zone.
•
Provide for a low false alarm rate, reducing interference from clutter or slow-moving objects such
as birds.
•
Provide a minimum detection arc of 200m within internal urban environments from the sensor and
provide a wide sensory range beyond the external perimeter, where appropriate. The arc should
be configurable so that the deployment location can be ‘filtered’ for known infrastructure,
obstructions and UAS flight paths.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 17 OF 3 11
•
Provide early detection to allow tracking and identification, as well as escalation of a security
response.
•
Where an extended perimeter is permissible, e.g. airport, hydrogen plant, the detection range
should be a minimum of 2km. The minimum detection range must be confirmed by the designer
based upon flight times to protected assets.
•
Must be capable of distinguishing between other airborne objects in that location.
The detection capability of the C-UAS must be linked to either a facility, site or building dedicated
Security Control Room or NEOM community central monitoring centre. Alerts will highlight to the
security operator a presence of a detected UAS. If the facility, site, or building does not have a
dedicated Security Control Room, then the requirement for a C-UAS should be the first consideration.
The detection process also extends beyond detecting UAS presence in the air. The C-UAS should be
integrated with security measures such as perimeter intruder detection and visual surveillance to
support the early detection of a drone operator. The system should also incorporate other electronic
detection methods that will identify an operator’s location as this provides another potential Effect
response which is easier to enact.
Ground detection of unauthorised persons or vehicles could be a precursor to a hostile UAS being
launched. Early detection for critical infrastructure facilities should consider detection technologies
that operate beyond their physical perimeter.
Tracking
Early detection of a UAS will be supported by the C-UAS tracking capability, which will determine the
location of the object and track the UAS flight path, altitude, and potential pilot location.
The tracking capability of the UAS will:
•
Track the UAS flight path, also indicating the movement trail from detection.
•
Determine flight altitude.
•
Indicate the UAS speed and therefore be able to integrate with other systems to show a threat
overlay with potential arrival times to different assets.
•
Track data signals to pinpoint location of operating pilot.
•
Provide GPS or other data to other security sensors, such as video, to allow multi-mode
verification and surveillance of the UAS.
UAS are based upon internet-based communications, which provide for an exploitable vulnerability to
track the user of the UAS. Data transmissions between the UAS, external servers and controlling
smart device will be detected and tracked to determine the pilot location. This information could
include GPS location, name information, IP addresses or product serial numbers.
Where the DTI or DTIE system is a commercial system, it will be the responsibility of the commercial
organisation for monitoring DTI functions, and only where appropriate and approved by NEOM
Authorities will an E function be allowable.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 18 OF 3 11
Identification
The C-UAS will then have the capability to identify the UAS; this will classify an unidentifiable object
as a hostile UAS.
The identification capability of the UAS will:
•
Distinguish between authorised UAS and unauthorised UAS, this will also link to a geo-fencing
system, flight exclusion zones, time authorisations as a minimum. The wider control of airspace
should be discussed with NEOM if your risk assessment determined that a C-UAS is warranted.
•
Provide a confirmation of the tracked UAS to a monitoring station as a hostile UAS intrusion.
•
Decide on an appropriate response.
•
An Automatic Identification System (AIS) will support the identification of UAS. All authorised UAS
used for a variety of supporting services i.e. security, service inspection, transport of goods within
NEOM will have an AIS transponder fitted and be registered with the NEOM authorities.
•
The AIS will link to a registered user database that will give the detecting C-UAS system standard
non-personal data. If the UAS poses a threat, then either the C-UAS will be able to take direct
action or reporting of the incident to NEOM if not an authorised Effect system.
•
Identify potential targets of the UAS.
Therefore, any object within the airspace that is not fitted with an AIS transponder and is registered
will be immediately identified allowing for the relevant security effect or response to be prioritised.
Effect
The combination of Detection, Tracking and Identification will allow for the supply of timely information
which allows for a relevant security Effect if authorised.
Any Effect must be safe and not increase the risk of injury to people or property.
This will manifest in the following C-UAS capabilities:
•
Disrupt: intercept and jam UAS signals to prevent incursion and return to the pilot location.
•
Disable: intercept data signals and commandeer UAS to force to land safely.
•
Defeat: use kinetic measures to physically destroy or capture the hostile UAS.
It should be accepted that it is unlikely to be safe and practical to use jamming or kinetic methods in
urban areas. A detailed Security Operational Requirement (SOR) is required to determine the
necessary security response to unauthorised UAS incursions. This will be determined by:
•
The criticality of the targeted object and required immediacy of response.
•
Surrounding assets and people, considering injury or damage if the UAS is brought down.
•
Type and size of the hostile UAS.
It is stressed, that in all cases, consideration of a UAS threat early in design is most
appropriate and where possible using design features and layout to prevent the threat will be
more effective and enduring than fitting a C-UAS.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 19 OF 3 11
Equipment
The designer needs to consider the range of detection measures that are suitable for their facility, site
or building as this will differ:
•
Radar: transmittal of radio waves to detect objects through reflection. Particularly useful for
scanning large area ranges.
•
Electro-Optical: camera that senses objects on the electro-magnetic spectrum in daylight, or
through the use of Infra-Red during night-time.
•
Electronic Surveillance: detecting electromagnetic emissions.
•
Acoustic Sensors: detection of objects through sound waves emitted by object.
The type of detection technology, and combination of sensors will need to be determined based on
layout and identification of assets for protection. The technology decision and supporting vulnerability
assessment should form part of the early design stages, preferably in the Concept Phase.
Supporting Mitigations
The designer should consider supporting the C-UAS with the following additional mitigations:
Exclusion Zones and Geo-Fencing
Discrete facilities, sites, and buildings with a defined physical security perimeter, such as a fence (e.g.
Airport, Desalination Plant) may benefit from geo-fencing to act as an exclusion zone. This will detect
the incursion of unauthorised UAS into the airspace of areas which will be attractive targets to both
criminal and extremist exploitation via UAS.
Internal Information Protection
Information Technology resilience will be designed into systems to limit the opportunity for a UAS to
extract sensitive information. Cyber resilience mitigations will successfully reduce the impact that a
cyber-attack via UAS could have.
Left Package / CBRN Detection
Left package detection and CBRN will support the detection of packages such as IEDs delivered via
UAS or dispersal of CBRN agents by UAS. This capability if required, should come from other
surveillance assets, and be clearly defined in the Security Concept of Operations.
Blast Resilience
A very limited number of facilities, sites or buildings should have a degree of blast resilience, with
particular consideration for object structure and rooftop strength. Any blast measures should be
designed into the building, only after vulnerability has been removed remembering that the majority of
UAS can only deliver small payloads.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 20 OF 3 11
Reference Standards
Currently very few specific standards exist to define C-UAS systems. The designer should follow the
guidance of the constituent elements of the system to provide a safe and effective system. i.e. radar
linked to video as a detection and tracking combination.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest
revision.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 21 OF 3 11
A11: Blast Protection
Introduction
The requirements for blast protection within NEOM will be based upon the specific threat and risk
assessment that is completed for the facility, site, or building. There are a number of baseline design
considerations that will provide an overall reduction in the effects of any blast or extreme loading
scenarios.
Before blast protection measures are designed, the following considerations should be made.
•
Is the overall risk severity of a blast related event beyond a tolerable level? i.e. is blast protection
needed?
•
Is it possible to design out the vulnerability for what is being protected?
•
Can the stand-off distance between the protected area and the location of an explosion be
increased to reduce the likely loading on the structure/asset?
•
Is the orientation and location of the protected asset such that it minimises any blast effects?
•
Can the blast wave be disrupted before it reaches the asset?
•
Can building/structural hardening be undertaken?
If there is a requirement for blast protection/mitigation then the following should be considered the
minimum design criteria, but must be informed by the specific threat and risk assessment:
•
Any structure must be designed to not disproportionately or progressively collapse when subjected
to the threat loading criteria.
•
Any elements that will form secondary fragmentation, especially glazing, must be designed that the
failure mode is a Low hazard. (See the Glazing Section).
•
Any blast effects experienced by people must not be made worse through the design.
Assessment of blast loading and its effects must be completed by a suitably qualified and experienced
person in the effects of blast loading.
Certain built objects within NEOM will require defined levels of protection from blast loading and these
are outlined in the following matrix. Further protection, if required, should be evidenced in the specific
threat and risk outcomes.
Built Object
Factor
Recommended Treatment
Restricted Protection Group
Effects of blast loading.
•
Specific consideration of critical assets
and key areas for protection.
•
Control Rooms.
•
Gate/Entry Posts.
•
Control Rooms.
•
Gate/Entry Posts.
•
Critical Points.
•
Safe Rooms.
•
To be informed by the Royal Protection
Unit.
Airport, Port, Data Centres,
Border Points, Security
Facilities, Hydrogen Production
& Pilot, Financial Services,
Government Complexes,
Consular, Police Stations.
Effects of blast loading.
Royal Residences
Effects of blast loading.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 22 OF 3 11
Design Basis Threat
The following table provides the standard DBTs for explosives base threats. Applicability of each DBT
should be taken from the Minimum Security Requirements Section.
Threat
Design Basis Threat
VBIED
•
100kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 20.0m.
•
Stand-off to structure to be informed by enforceable distance for preventing
a vehicle, i.e. HVM measures.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 20.0m is
taken where the stand-off is below 20.0m, and actual stand-off utilised
where the distance is above 20.0m.
•
500kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 20.0m.
•
Stand-off to structure to be informed by enforceable distance for preventing
a vehicle, i.e. HVM measures.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 20.0m is
taken where the stand-off is below 20.0m, and actual stand-off utilised
where the distance is above 20.0m.
•
15kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 6.0m.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 6.0m is
taken.
•
15kg TNT equivalent bare charge detonated at 0.25m above the ground
applied at a satnd-off distance of 6.0m.
•
For attacks against a structure it should be assumed that the charge has a
minimal to zero stand-off distance if no obstruction to placing the IED exists.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 6.0m is
taken.
•
1kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 1.0m.
Large VBIED
PBIED
Placed IED
Mail IED
Note: Unless specifically indicated by NEOM Public Safety Department, buildings and structures are not
designed to withstand military explosive based threats.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 23 OF 3 11
Reference Standards
The following standard should be used when developing the blast protection design:
Standard
Description
ISO16933
Glass in building - Explosion resistant security glazing Test and classification for
arena air blast loading.
ASTM F1642 / F1642M-17
Standard Test Method for Glazing and Glazing Systems Subject to Air blast
Loadings, ASTM International, West Conshohocken, PA, 2017.
EN 13123-1
Windows, Doors and Shutters Explosion resistance; Requirements and
Classification Part 1: Shock Tube. CEN European Committee for
Standardization, 2001.
EN 13123‐2
Windows, Doors and Shutters-Explosion Resistance; Requirements and
classification - Part 2: Range Test. CEN European Committee for
Standardization, 2004.
EN 13124-1
Windows, Doors and Shutters – Explosion Resistance; Test Method Part 1:
Shock Tube. CEN European Committee for Standardization, 2001.
EN 13541
Glass in building - Security Glazing -Testing and classification of resistance
against explosion pressure. CEN European Committee for Standardization
2012.
GSA-TS01
Standard test method for glazing and window systems subject to dynamic
overpressure loadings. US General Services Administration, 2003.
References
Blast Effects on Buildings. Cornie, Mays & Smith. 3rd Edition. 2019.
Handbook for Blast-Resistant Design of Buildings. John Wiley & Sons, Inc. 2010.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 24 OF 3 11
A12: Ballistic Protection
Overview
NEOM is being developed to provide multi-layered security from its borders, through the buffer zones
that surround the City and outlying sites, and into the buildings and structures that will form the
communities. It is anticipated that very few sites will require a level of ballistic protection, and by
exception these need to be identified during the facility, site or building specific threat and risk
assessment.
The topic of ballistic protection is closely aligned with the Glazing Section, and this should also be
referred to by the designer to understand the overall enhanced security requirements that may be
required.
Certain built objects within NEOM will require defined levels of protection for ballistic protection and
these are outlined in the following matrix. Further protection, if required, should be evidenced in the
specific threat and risk outcomes.
Built Object
Factor
Recommended Treatment
Restricted Protection Group
Effects of Ballistic Damage.
•
Specific consideration of critical
assets and key areas for protection.
•
Control Rooms.
•
Gate/Entry Posts.
•
Control Rooms.
•
Gate/Entry Posts.
•
Critical Points.
•
Safe Rooms.
•
To be informed by the Royal
Protection Unit.
Airport, Port, Data Centres, Border
Points, Security Facilities,
Hydrogen Production & Pilot,
Financial Services, Government
Complexes, Consular, Police
Stations.
Effects of Ballistic Damage.
Royal Residences
Effects of Ballistic Damage.
Threat
NEOM requires to future-proof specific locations against the threat of a ballistic attack. Whilst these
attacks could be unlikely, the likelihood may change in the future and such measures are costly and
difficult to retrofit effectively.
Therefore, an identified need for ballistic protection will use the following design base threat for all
locations unless an enhancement is required based on the people or asset being protected.
The security factor and its associated design base threats:
Security Factor
Effects of Ballistic Damage
Intent
• Protection Measures
DOCUMENT CODE: NEOM-NSE-PRC-001
Design Base Threat (DBT)
• BR/FB6 + SG2.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 25 OF 3 11
Performance Requirements
Effects of Ballistic Damage
The first consideration is for the vulnerability wherever possible to be designed out, consider:
•
Orientation and/or placement to avoid the vulnerability.
•
Denying direct line of sight. Most threats will require line of sight to be successful.
•
Where the situation cannot be avoided, designing a number of layers to provide the protection.
•
Glazing is degraded by ballistic attack and therefore as tested will only provide certainty of
protection for a maximum of three rounds of the specified ammunition. Therefore, no protective
ballistic system in isolation represents the whole security solution.
•
If polycarbonate is used in the glazing build-up, it should not be placed where the environmental
conditions will degrade it, or in areas where abrasion is likely.
•
A glazing specialist should be consulted where the glass tint is important, as thicker ballistic
protective glass will cause a green tint unless specified with the correct chemical content.
•
Protection can be developed through the use of multiple denial and protection layers as shown in
the following schematic.
The DBT is based against the system defined in BS EN1063 and BS EN1522 that defines the threat on
a scale prefixed by BR or FB. The threat is the same for each level.
Therefore, wherever ballistic protection is required, the baseline level of protection is BR/FB6 and SG2.
Certain facilities where ballistic glazing is required, such as the Royal Residences, may require an
enhancement above the DBT. This should be discussed with the relevant security stakeholders.
Safe rooms designed against ballistic attack will require careful consideration to ensure that no weak
areas exist in the protective shell of the room. This is 3 dimensional and should include floors and ceiling
areas, as well as wall panels.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 26 OF 3 11
Reference Standards
The following standard should be used when developing the ballistic protection design:
Standard
Description
BS EN 1063
Glass in building. Security glazing. Testing and classification of
resistance against bullet attack.
BS EN 1522
Windows, doors, shutters and blinds. Bullet resistance.
Requirements and classification.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 27 OF 3 11
A13: Security Doorsets
Overview
Security door sets will form a key element of the physical security overlay and must be considered as
part of the overall security effect.
It is important to determine the security requirements for the door specifically and the following
considerations should be taken account of:
•
What function does the doorset need to perform? This should consider normal operations alongside
the type of threats it should mitigate.
•
Following the STRA, what types of threat / attack does the door need to work against (i.e. Manual
attack, blast, ballistic etc.)?
The security function for doorsets is as follows:
•
To prevent or delay unauthorised access into a protected space by providing a physical barrier that
provides proportionate mitigation to an assessed threat of unauthorised entry.
•
In some cases, such as police stations, prisons, and secure mental health medical facilities it will be
necessary to provide doors and doorsets that prevent unauthorised exit from a facility.
•
To provide a demarcation between public and private space.
•
To prevent undetected entry into a protected area through resistance to surreptitious attacks.
•
To allow safe egress from the protected building or area in an emergency while preventing
unauthorised entry.
•
To provide enough time for those inside a protected building or space, if under attack, to act before
criminal entry is gained.
•
To provide the appropriate level of security against unauthorised entry to restricted areas within
buildings. For example, entrances to cash handling areas in banks or high value goods facilities in
logistics warehouses.
There are many different types of doorsets on the market and it is important that designers choose the
correct door for the location where it is to be installed and for its purpose. Some examples of security
rated doors are shown below:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 28 OF 3 11
Attacker Capability
The following table sets out a classification guide for potential manual attackers, based upon the level of
criminal intent, preparedness, skillset, knowledge, and available equipment.
The attacker types are taken from BRE LPS 1175: Issue 8 categorisation of criminal threat levels. This
considers an assessment of an attacker’s intent and capability, to provide a security rating based upon a
capability threat rated from A to H (low to high).
The overall delay time to be achieved can be achieved either through a single or multiple layers of
protection.
The following matrix provides guidance on the minimum standard that should be applied based upon the
Protection Group and criticality. However, these are minimum standards and if an STRA shows
increased threat greater protection levels may be required.
If a designer specifies doors that are certified under a different standard, proof of delay compliance will
need to be provided at the relevant design stage.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 29 OF 3 11
Protection
Group
Attacker
Type
Description
Tool set
SR Rating
Baseline
A
An opportunistic
criminal exploiting
a security
vulnerability using
low tech, handheld
tools.
SR 1
(A1 = toolset
A, 1-minute
delay).
Baseline –
Critical Areas
Enhanced –
Specified
Supporting
Areas
B
An opportunistic
criminal targeting
specific locations.
SR 1+
(A3 = toolset
A, 3-minute
delay).
Enhanced –
Critical Areas
C
Planned targeting
of more sensitive
sites.
SR 3
C5 = toolset
C, 5-minute
delay).
Restricted –
Specified
Supporting
Areas
E
Determined
criminal targeting
important sites.
SR 5
E10 = toolset
E, 10-minute
delay).
Restricted –
Critical Areas
H
Sophisticated and
determined
attacker, targeting
a mission critical
facility.
SR 7+
H10 = toolset
H, 10-minute
delay).
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 30 OF 3 11
Examples of how delay can be layered over different elements of the built form to achieve and overall
delay time are provided below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 31 OF 3 11
The selected doorsets would be expected to meet the following performance requirements:
•
Delay an attacker’s attempts to penetrate the doorset in order to enter the protected building or
space within a building.
•
Provide the appropriate level of resistance according to the Protection group of the building or space
to be protected.
•
Resist the creation of a full-body access aperture through the fabric of the leaf. This aperture is
defined within the Centre for Protection of National Infrastructure’s Manual Forced Entry Standard
as being one through which an elliptical test block measuring 400mm by 225mm may be passed.
•
Prevent undetected entry into a protected area by providing resistance to surreptitious attack.
•
Be fitted with door locking hardware and hinges, dog bolts etc. that are commensurate with the
assessed resistance class of the doorset.
•
Be suitably durable and maintainable relative to the doorsets location.
•
Be securely installed within compatible structures. If this is not the case and a security door is
installed into a weaker structure it may:
o
Fail to prevent unauthorised entry. For example, it may be possible for an attacker to remove the
doorset from the surrounding structure or penetrate the surrounding structure in order to operate
door release mechanisms located on the protected side of the doorset.
o
Lead to structural damage. For example, if a doorset incorporating a heavy door leaf is fitted
within a lightweight partition, the surrounding partition may crack due to the door leaf opening
and closing repeatedly causing fatigue fractures in the walling material. Fixings holding the
doorset may also work loose.
Reference Standards
The following standards should be referred to when developing the security doorset design:
Standard
Description
LPS 1175 – Issue 8
LPS1175 focusses on the physical security of ‘intruder resistant building components’,
which includes strong-points, security enclosures, free-standing barriers, and any
products that fall within those categories, such as doors, shutters or fencing.
PAS 24
Enhanced security performance requirements for doorsets and windows in the UK.
Doorsets and windows intended to offer a level of security suitable for dwellings and
other buildings exposed to comparable risk.
BS EN 1627
Pedestrian doorsets, windows, curtain walling, grilles and shutters. Burglar resistance.
Requirements and classification
BS 3621
Locking system standard for doorsets - Locked by key from both sides.
BS 8621
Locking system standard for doorsets - Locked by key from outside only, can always
be opened from the inside without a key.
BS 10621
Lock assemblies in which the operating mode can be switched between the normal BS
8621 operating mode and a secure mode in which no egress is possible.
Saudi Building Code
2018
General requirements.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 32 OF 3 11
A14: Security Glazing
Overview
Given the design vision and liveability aspects of NEOM, natural light will form a key part of any scheme,
balanced against passive heat control and the maintenance of privacy for residents, businesses and
visitors. There are a number of concerns related to glazing and security that need to be taken into
account for any facility, site or building. These have been arranged into four Security Factors to aid the
designer in identifying clearly those which apply to their development.
•
Effects of Blast Loading.
•
Effects of Ballistic Damage.
•
Resisting Manual Attack.
•
Privacy.
Certain built objects within NEOM will require defined levels of protection for some or all of the above
factors. This will also account for non-intentional blast and ballistic damage are specified facilities. The
following matrix provides a baseline of minimum requirements. However, it should be noted that the
need and inclusion of mitigations and protection against attack on glazed systems will also be informed
by the specific Security Threat and Risk Assessment and how the site, facility or building will be used,
especially in relation to massing of people.
Protection Group
Factor
All Groups
•
Restricted
Restricted
Recommended Treatment
Resisting Manual Attack.
DOCUMENT CODE: NEOM-NSE-PRC-001
Graded to the criticality of the
site.
•
Graded to the local criticality for
where the glazing is placed.
•
Specific consideration of critical
and key areas for protection.
•
Effects of Blast Loading.
•
Resisting Manual Attack.
•
Privacy.
•
Privacy for key areas/points.
•
Effects of Ballistic Damage.
•
Control Rooms.
•
Gate/Entry Posts.
•
Critical Points.
•
To be informed by Royal
Protection Unit.
Enhanced (STRA indicated)
Royal Residences
•
•
All.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 33 OF 3 11
Security Factors
The four security factors and associated design base threats: 1
Security Factor
Intent
Design Base Threat (DBT)
Effects of Blast Loading
•
Mitigation Measures
•
•
Protection Measures
Person Borne IED – 15kg (Normal) applied at a
6.0m stand-off range.
•
Vehicle Borne IED – 100kg (Normal) at a 20.0m
stand-off range.
•
Large VBIED – 500kg (Enhanced) at a 20.0m
stand-off range.
Effects of Ballistic Damage
•
Protection Measures
•
BR/FB6 + SG2
Resisting Manual Attack
•
Protection Measures
•
EN1630 RC based attacker types and equipment.
(See Performance Requirements)
•
Loss Prevention Standard – specified sites.
•
(See Performance Requirements)
Privacy
•
Mitigation Measures
•
Mitigation: Orientation, obscuration etc.
•
Protection Measures
•
Protection: Counter Surveillance Technical
methods to be defined by designer if required.
Success Criteria
The success criteria for glazed systems are as follows:
•
Glazing subjected to blast loading should provide a Low Hazard failure. This is defined as the level
of hazard where glass debris would be projected into a room for a distance of not more than 3.0m
and not exceeding 0.5m above the floor at this distance. Injuries would be limited to low body cuts,
and fatalities would not be expected, although persons close to the window could be seriously
injured.
If the glazing is of a laminated nature to will significantly reduce the fragmentation produced upon
failure, with generally a higher level of energy absorption in the failing system, thus providing less
damaging energy.
1
It should be noted that the protection against military grade munitions is considered a specialist scenario, and if required this will
be informed by NEOM Public Safety Department.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 34 OF 3 11
•
Designers have considered the need for the glazing if security-based enhancements or hardening
are required.
•
Designers have considered whether a more enduring solution can be sought, such as re-orientation
or placement of what is trying to be protected.
•
Glazing is designed to take account of the four security factors as informed by the development
specific threat and risk assessment.
•
The inclusion of glazing does not increase the risk associated with an event. This is both likelihood
and impact based.
•
Any security enhancements or design features associated with glazed systems does not prevent the
glazed system performing its normal required function.
Performance Requirements
Effects of Blast Loading
Whilst not specific to glazing, design against adverse loading, such as blast, should result in a
design that resists disproportionate collapse of a structure.
External or Perimeter Glazing
Where a requirement to consider blast loading on glazing is identified, the designer should design to
achieve a Low Hazard failure against the selected DBTs at the enforceable stand-off that can be
achieved. Wherever possible, an increase in stand-off should be considered prior to any building
hardening. It is stressed that the designer must design for the conditions of their development, whilst not
dropping below the following minimum standards:
•
All glazed panes on the protected side of the glazed area should be laminated.
•
Lamination must be done with a 1.52mm PvB interlayer.
•
Single glazed units should be of a minimum 7.5mm laminated glazing.
•
Double glazed units should be of a minimum 7.5mm laminated inner pane with either an outer pane
of 7.5mm laminated glazing or a 6mm toughened pane.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 35 OF 3 11
The designer shall consider their specific threat and risk assessment to determine if the risk determines
whether a development is designed for mitigation or protection. It should also be remembered that
different solutions may be applied to different areas of a facility, site or building dependent upon that
area’s criticality and the impact of a successful threat attack occurring.
Mitigation is defined as the use of laminated glazing that is installed in normal frames or fixings.
Protection is defined as the use of laminated glazing that is installed in blast resistant frames
incorporating enhanced fixings and rebates of 35mm on all sides of the glazed panel. For protective
purposes the minimum thickness of glazing may well be increased.
Blast analysis should be undertaken where warranted to determine the exact glazing required for the
glazing system type.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 36 OF 3 11
Internal Glazing
Internal glazing presents a hazard where it can still be loaded by a blast wave, be this the failure of an
external element or where the potential for an internal explosion is possible. It is therefore recommended
that internal glazing where there are high population areas conform with the following criteria:
•
All glazing should be securely held in place by the framing or support system.
•
Glazing should be laminated using a minimum 1.52mm PvB interlayer to reduce the potential for
fragmentation on failure.
•
Where glass is supported as a cantilever, the support channel should be securely fixed to the floor,
glass should be epoxy-resin, silicone bonded and/or in deep clamped channels wherever possible.
Dry glazed clamping should provide similar retention capability as bonded units. Bonding should be
a minimum of 25mm deep onto the glazed panel.
•
As above, glazed wall lining systems.
Effects of Ballistic Damage
The first consideration is for vulnerability wherever possible to be designed out, consider:
•
Orientation and/or placement to avoid the vulnerability.
•
Denying direct line of sight. Most threats will require line of sight to be successful.
•
Where the situation cannot be avoided, designing a number of layers to provide the protection.
•
Glazing is degraded by ballistic attack and therefore as tested will only provide certainty of
protection for a maximum of three rounds of the specified ammunition. Therefore, no protective
ballistic system in isolation represents the whole security solution.
•
If polycarbonate is used in the glazing build-up, it should not be placed where the environmental
conditions will degrade it, or in areas where abrasion is likely.
•
A glazing specialist should be consulted where the glass tint is important, as thicker ballistic
protective glass will cause a green tint unless specified with the correct chemical content.
The DBT is based against the system defined in BS EN1063 and BS EN1522 which defines the threat
on a scale prefixed by BR or FB. The threat is the same for each level. Shotguns are pre-fixed SG.
Therefore, wherever ballistic protection is required, the baseline level of protection is BR/FB6 and SG2.
Certain facilities where ballistic glazing is required, such as the Royal Residences, may require an
enhancement above the DBT. This should be discussed with the relevant security stakeholders.
Resisting Manual Attack
Glazing that is identified as needing to resist manual attack should conform to the following criteria.
Low Risk Facilities, Sites or Buildings
This will encompass general residential property, most hotels, offices etc.
The glazing will conform to the Manual Attack Resistance specification of EN1627 and 1630. Individual
glass should be specified and tested in accordance with EN356.
The following table provides the relevant RC gradings under EN 1627, and where they are normally
applied.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 37 OF 3 11
It should be noted that the delay timings associated with EN1627 are not comparable to those of the
BRE grading system as the BRE system use a wider range of tools. Therefore, RC6 does not give more
protection than a H10 system. Once the level of delay is determined, liaison with specialist suppliers will
need to be undertaken.
The selection of a RC rated system should be informed by the specific threat and risk assessment, but
the following minimum standards should be applied where the glazing would provide access into critical
and important areas.
Minimum for all low threat locations (Baseline):
RC2
Minimum for all moderate threat locations (Enhanced):
RC3
Minimum for higher threat locations (Restricted):
RC4+
High Risk Facilities, Sites or Buildings
High risk facilities should be considered to be the target of a determined and well resourced attacker.
Therefore, they will have access to specialist equipment.
The attacker types are built upon the BRE LPS 1175: Issue 8 categorisation of criminal threat levels
(BRE Global Ltd). This considers an assessment of an attacker’s intent and capability, to provide a
security rating based upon a threat rated from A to H (low to high).
An overview of the BRE LPS 1175 attacker types A to H are provided below:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 38 OF 3 11
•
A – Low technology level of attack using small, very easily concealed tools.
•
B – More determined attack using easily concealed tools of a greater mechanical advantage.
•
C – Deliberate forced entry using a wide selection of commonly available, relatively easily concealed
tools.
•
D – Experienced attempts at forced entry.
•
E – Experienced attempts at forced entry using tools of a greater battery power.
•
F – Professional attempts at forced entry into a higher value area.
•
G – Enhanced professional attempts of access to high value assets.
•
H – Extreme methods of access to very high value assets using portable tools.
Consideration of the potential attacker types allows the proportionate and effective selection of physical
security measures that have a Security Rating (SR) level providing a tested level of delay, against the
tool types available to the designated attacker types.
It is anticipated that SRs applied to glazing in isolation will be limited due to the attacker resources
available. Therefore, for Restricted sites, the following attacker types should be considered, but
wherever possible glazing should be designed out in favour of more robust construction materials.
Attacker
Type
E
H
Description
Tool set
LPS Rating
Determined criminal targeting
restricted sites such as the
transport hub, using heavy
high-powered tools.
SR 5
E10 = toolset E
10-minute delay
Sophisticated and determined
attacker, targeting a mission
critical facility using industrial
powered machinery.
SR 7+
H10 = toolset H
10-minute delay
Where a high security location requires glazing, a primary consideration should be whether physical
protection can also be utilised, such as protective bars, shutters or covers. It should be noted that
achieving a specific protection level can be achieved by layering glazing and other protection, each
contributing to the overall delay timing.
All windows should be lockable to prevent opening from the unprotected side.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 39 OF 3 11
Privacy
The designer’s first consideration must be to assess whether the vulnerability can be designed out
through orientation, placement or through the built form. This should also consider exactly what is being
protected, whether it is information, activity or just privacy of individuals.
For areas where it is not possible to design out a vulnerability, the following should be considered:
•
Etching – Obscuration by etched glass use. Directional etching may be used to allow light passage
but block certain views.
•
Filming – Use of reflective or screen printed film applied to internal face of the glazed pane.
Preferred to only be used for retrofit scenarios. Directional printing may be used to allow light
passage but block certain views.
•
Tinted Glass – Use of a tinted glass that reduces visibility to an acceptable level. Care should be
taken that both daylight, night time and internal lighting levels are taken into account.
•
Electronically Controlled Glass – Obscuration through the use of electrical current effected cells.
•
Use of contrasting light levels – The lux ratio to be effective must (External) 7:1 (Internal). This may
well be impractical for areas where external lighting is not appropriate or well lit interior spaces make
achieving a 7:1 impractical.
In general, the stand-off distance for a viewer into a space should be greater than 10m, if possible, to aid
obscuration.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 40 OF 3 11
Reference Standards
The following standards should be referred to when developing the security glazing design:
Standard
Description
BS EN 356
Glass in building. Security glazing. Testing and classification of resistance against
manual attack.
BS 5357
Code of practice for installation and application of security glazing.
BS 5516
Patent glazing and sloping glazing for buildings.
BS EN 1522
Windows, doors, shutters and blinds. Bullet resistance. Requirements and
classification.
BS EN 1523
Windows, doors, shutters and blinds. Bullet resistance. Test method.
BS 5051-1
Bullet resistant glazing Specification for glazing for interior use.
BS EN 1063
Glass in building Security glazing. Testing of resistance against bullet attack.
BS EN 13541
Glass in building. Security glazing. Testing and classification of resistance against
explosion pressure.
ISO 16933
Glass in building, Explosion-resistant security glazing, Test and classification for arena
air-blast loading.
EN 1627-1630
European standard for performance determinations in connection with burglary
attempts via windows and doors.
EN 1630
Manual test (burglary attempt) with standard tool kit.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 41 OF 3 11
A15: Manual Lock Security
This section sets out the functional requirements for manual locking systems including key operated
padlocks and biometrically operated padlocks.
Notwithstanding the aspiration for NEOM to have keyless entry systems it is likely that manual door
locking systems and padlocks may be required in some locations. However, these should be minimised
through design.
It is expected that manual locks will be of low frequency throughout NEOM and should only be used by
exception on Enhanced and Restricted Protection Group facilities and buildings.
A statement of overall lock security should be formulated by considering the following questions:
•
What are the perceived criminal and terrorist threats that the asset may be subjected to and the lock
must endure?
•
Does the lock location require immediate notification of an unauthorised attempt to enter?
•
Is an audit trail of users and access attempts required?
Performance Requirements
General Functional Requirements – Manually Operated Door Locks
•
The selection of manually operated door locks should be guided by reference to a security needs
evaluation an OR that determines the level of security performance required for the protection group
and doorset requirements.
•
Manually operated door locks such as mechanical lock, thumb turn and latched bolts should be a
deadlock action type of lock.
•
The deadbolt shall be not less than 25mm throw with a saw-resistant hardened steel insert.
•
Lock cylinders should comply with Grade 4 (Key related security), or higher, of BS EN 1303:2005.
•
Lock cylinders should have up to 30,000 possible different key combinations, a minimum of five
movable levers, pins or discs and resist at least 15Nm of ‘plug’ torque.
•
Lock fixing screws should be hidden when the door is closed.
•
The lock bolt should be made of Type 304 stainless steel (or equivalent) material that is corrosion
resistant and has a hardness of at least Rockwell B85, Rockwell hardness is to be specified by the
methods specified in ASTM E18.
•
The lock should be morticed into the fabric of the door.
•
Protection for extending locking bolts should be built into the door frame.
•
All external manually operated locks should be designed to operate in the following environmental
conditions:
o
-10⁰C to +65⁰C in direct sunlight.
o
Ambient relativity humidity range: 5% to 95% non-condensing.
o
Airborne dust concentration: Annual average 0.3mg/m – Sandstorm 3mg/m.
o
Wind speed: 112km/hour.
o
Other pollutants: CO – 50ppm; H2S – 10ppm; Hydrocarbons – 150ppm; NOx – 5ppm; O3 –
1ppm and SO2 – 10ppm.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 42 OF 3 11
•
Outdoor security locks should be capable of continuous operation under the environmental
conditions listed above and shall meet the listed performance when subjected to the full range of the
described conditions.
General Functional Requirements – Padlocks and Biometric Padlocks
•
The selection of padlocks, whether manually operated or biometric, should be guided by reference
to the identified security and operational requirements that determines the level of security
performance required.
•
Where used, hasps should be securely fastened to the anchoring structure and have the same
resistance to attack as the padlock to be used.
•
Where keys are used to operate the padlocks strict key control should be maintained.
Advisory Requirements
Designers are advised that at present there are no specific standards for the certification of biometric
padlocks.
When designers are considering the use of padlocks within NEOM it is suggested that following security
rating matrix is considered to guide the choice of padlock:
Protection Group
Recommended Standard
Baseline – Non-Critical
CEN 1 & 2
LPS 1654 Level 1 or 2.
Baseline – Critical
BS EN 12320 Grade 3
Enhanced – Other
CEN Grade 3, Sold Secure –
Bronze or Silver
Enhanced – Critical
BS EN 12320 Grade 5 or 6
Restricted – Other
CEN Grade 5 or 6
Sold Secure – Gold
LPS 1654 Level 7 or 8
Restricted – Critical
DOCUMENT CODE: NEOM-NSE-PRC-001
Fully auditable access control
expected.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 43 OF 3 11
Reference Standards
The following standards should be used when developing the manual locking systems design:
Standard
Description
BS EN 12209
Building hardware – mechanically operated locks and locking plates. Requirements
and test methods.
BS EN 1303
Building hardware – cylinders for locks. Requirements and testing methods.
BS EN 12051
Building hardware – door and window bolts. Requirements and test methods.
BS EN 179
Building hardware – emergency exit devices operated by a lever handle or push pad,
for use on escape routes. Requirements and testing methods.
BS EN 1125
Building hardware – panic exit devices operated by a horizontal bar, for use on
escape routes. Requirements and test methods.
BS EN 12320
Building hardware – padlocks and padlock fittings. Requirements and test methods.
Sets a 6-number classification. The higher the number the greater the resistance to
attack. The grading level should be referred to by designers when specifying padlock
choice.
Central European Norm
(CEN) Ratings
A European standard that sets 6 levels of security from 1 to 6. The higher the
number the more robust and hence more secure the padlock. Security testing is
based on the resistance of the lock and its shackle to twisting, drilling, pulling and
cutting.
BS EN 16864
Building hardware – mechatronic padlocks. Requirements and test methods
LPS 1654
Requirements and testing standards for approval and listing of mechanical padlocks.
Sets 8 levels of resistance based on the amount of time it takes to remove a padlock
based on the use of different types of tools used by criminals.
Sold Secure
Tested and rated padlocks that have been awarded bronze, silver or gold status.
Gold representing the most secure.
ASTM E18-19
Standard test methods for Rockwell hardness of metallic materials.
Saudi Building Code
2018
General Requirements.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 44 OF 3 11
A16: Searching, Screening and Detection
Overview
The unobtrusive nature of NEOM provides for free-flow movement wherever practicable.
Where exceptionally the control and detection of prohibited items is required, this will be primarily be met
through the use of searching, screening or detection technology strategies. This should still:
•
Be as unobtrusive as is possible,
•
Where practicable hands free for the user experience and;
•
Cause the minimum dwell time possible.
Minimum dwell time should not be just considered as a throughput measurement. Integration and
convergence of searching, screening and detection should drive a minimum level of disruption or
deviation from daily tasks wherever possible.
However, certain critical locations will still require a process driven approach to search, screening and
detection. In these cases the security requirement takes precedence and therefore assurance of
detection of unauthorised articles is the primary aim.
The following facilities, sites and buildings will require a form of search, screening or detection for
prohibited items. Specific requirements are to be developed through the site specific threat and risk
assessment. Commercially operated sites should apply processes to protect their businesses adequately.
Location
Search, Screening or Detection Purpose
Safety Critical Environments.
•
Checks on unauthorised and prohibited items being
brought into a safety critical environment.
Potable Water Storage.
•
Prohibited items that could affect potable water supply.
Hospitals.
•
Prohibited items that will affect medical equipment.
•
Mass casualty threat screening.
NEOM Airport.
•
In-line with International and National Aviation Security
Plans and Regulations.
Industrial City Port.
•
In-line with National and International Regulations and
ISPS Code.
Data Centres, R&D, Sensitive Commercial.
•
Data protection.
Royal Palace/Residences.
•
Compliant to Royal protection requirements.
Hydrogen Plant, Explosive or Flammable
Chemical production or storage.
•
Asset protection.
Major Government Complexes & Regional
Government Offices.
•
Mass casualty threat screening.
•
Data protection.
Consular Buildings.
•
In-line with foreign government policy.
Sports Stadia & Arenas.
•
Mass casualty threat screening.
•
Weapon screening.
•
Mass casualty threat screening.
Crowded Spaces, Major Transport Hubs etc.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 45 OF 3 11
Threat
Search, Screening and Detection is applicable to a range of threats identified in the Design Basis
Threat, for criminality, terrorism and extremism.
During the threat and risk consideration, the designer should determine first whether there are prohibited
items or not. This will then drive whether there is a need for search, screening or detection to be
undertaken.
Secondly, if there is an identified requirement, the designer needs to determine where the threat is likely
to occur at the facility, site or building to ensure timely intervention that will minimise the likelihood and
impact of the risk being realised.
For example, the prevention of threats focused upon violence or terrorism may require early detection of
crossing the site boundary. This may then focus on detecting:
•
Mass Casualty Items – IED, large firearm.
•
Smaller firearms.
•
Knives, and other weapons.
However, where detection of more specific items is required, which would most likely be at Restricted
Protection Group locations. These items may include:
•
Mobile phones and cameras.
•
Data removal devices.
•
Trace detection – e.g. narcotics, explosive, firearms residue.
The detection of these elements may be applied site-wide or just to specific areas.
Search, screening or selection should only be required where there is an identified threat or asset
requiring protection that would be an intolerable risk without the screening mitigation.
Success criteria
The success criteria for searching, screening and detection is as follows:
•
The detection of relevant prohibited items, at the desired point of detection.
•
Provision of required assurance level for detection, i.e. is it 100% or a lower percentage to act as a
deterrent effect.
•
Provision for sufficient screening capacity, to allow for the required throughput rates, minimise dwell
and disruption. In some cases, this will need to be balanced against spatial requirements and likely
capital and operational costs.
•
On a positive detection, can the prohibited item be effectively prevented from passing the search or
screening area.
•
Blended design, enhancing the user journey through any security process, or if practicable, making
the process seamless.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 46 OF 3 11
Search, Screening and Detection Process
If the risk assessment identifies a need for search, screening or detection, then the design process
should be developed across three distinct process zones with key design considerations being satisfied
in each zone. The three zones are outlined in the following graphic:
1. Risk Identification
Prior to commencing design, the designer must assess whether a search, screening or detection
security effect is required based upon the threat and risk assessment for the specific site.
Threat changes and scalability should be planned for. This may be in the form of power, data and
spatial allocations in the correct locations.
The risk identification stage will be based upon a number of considerations including:
•
Crowded Place – a crowded location provides an inherently attractive location for a terrorist attack
and could use mass casualty threat methodologies such as firearm, blade or IED attacks. Providing
high-level screening for crowded places where there is an identified and assessed inherent target
attractiveness, can help in detecting mass casualty threat methodologies.
•
Criticality – a site, facility or building with a higher level of criticality, including function or
association with the government, will have a number of assets which could be targetable by both
criminal and terrorist / extremist methodologies.
•
Detection Requirement – certain sites or facilities will require enhanced detection, such as
explosives trace detection or drug substance detection, e.g. Airport, where there are clear
requirements under the aviation security requirements.
The site-specific risk zoning exercise is particularly important in defining the requirements for search,
screening and detection. The risk context may not apply to the whole site, and only certain areas of the
site may require Search, Screening or Detection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 47 OF 3 11
A site risk zoning exercise therefore identifies the areas where different levels of prohibited item
detection are needed. A simplified example for a hospital site is shown below.
The process provides a logical method for ensuring that searching, screening and detection is only
applied where needed at the site, rather than providing complete site coverage.
2. Detection Matrix
Once a risk-based need for search, screening or detection is identified, the designer must identify what
constitutes the prohibited items. A detection matrix should then be produced that indicates what will and
what will not be detected by the screening process.
The detection matrix is based upon:
•
What prohibited items the screening process should detect?
•
What level of assurance should be provided that the threat will be detected by the search and
screening process? (assurance % of detecting the threat). The designer should consider scalability
of the process to meet higher threat levels and whether an allowance for this is included.
•
What percentage of attendees should be processed through the search and screening process for
detecting the relevant threat? (% of people processed).
A prohibited items list can be drawn from the identified threat types of the location specific Threat and
Risk Assessment, and should relate to the risk zoning exercise undertaken in step one.
The prohibited items list can then be applied against the levels of assurance for detection required,
categorising threat items as either:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 48 OF 3 11
1. Essential to detect (100%)
There should be a 100% assurance that the prohibited item is successfully detected during the
screening process. To achieve 100%, it is imperative that all personal/goods are subject to the search,
screening or detection process. This approach can be scaled back if the threat level is lower than
anticipated or altered by an event at a facility.
2. Desirable to detect (10-90%)
The level of assurance required is variable, and scalable in response to the designer’s risk assessment.
The process is scalable in the level of assurance provided by the screening process, and the percentage
of people/goods subjected to such screening.
3. Not required to detect (0%)
These items are not considered as threat items by the designer’s risk assessment, and therefore do not
require detection.
If the facility, site or building will operate in a number of operational modes that change the threat level,
then different detection matrices may be required for each mode. Otherwise, the process must be shown
as scalable and flexible to be suitable for all modes of operation.
An example detection matrix is as follows:
Essential to Detect (100%)
Desirable to Detect (10-90%)
Not Required to Detect (0%)
Explosives
Other items on the prohibited item
list including alcohol etc
Mobile phones
Firearms and ammunition
Other liquids
Recording devices
Large weapons – machete,
baseball bats, hammer etc
Computing devices
Protest materials – chain, flags etc
Cameras
Damage materials – Animal blood,
paint, flour etc
Smaller weapons – knives under 6
inches, sharp weapons, including
scissors
Arson equipment – matches,
lighters etc
CS or pepper sprays
The example below shows varying detection matrix requirements across the different locality risk zones
of the identified hospital example.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 49 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 50 OF 3 11
4. Methods of Search, Screening or Detection Achievement
From the development of the detection matrices, suitable search, screening and detection options
should be selected.
In general, there are likely to be five broad levels of search, screening or detection, with varying levels of
user disruption. Each example level of screening could use different equipment / processes, or
combinations, to provide a varying level of detection assurance and scalability. The designer must select
a proportionate level of screening to the level of identified risk, and the complexity of detecting the
prohibited item.
Level 0: Do nothing – no screening required.
Level 1: Automatic high-level screening for mass casualty threats.
This is to be non-intrusive, as to not diminish from the visitor journey / experience. However, there must
be a method for investigating detections. The over-arching approach may limit bag size that can be
brought to the venue, could employ staff to visually assess for larger threats such as a rucksack IED or
long barrelled weapon. Or a high flow rate mass screening system may be employed using Terrahertz
scanning or other technology.
The designer should detail a clear interdiction process for the high-level mass casualty screening
process. The designer should also consider how assurance can be provided, reducing opportunity for
the mass casualty threat scanning to be bypassed – this may need to be operationally managed.
Level 2: Automatic high-level screening for mass casualty threats, plus video analytics.
This may be non-intrusive as given above. The use of video analytics, such as left package / loitering
alerts, can provide enhanced assurance for detection of certain threats.
This represents a combination of methods, which may also include trained staff, and the designer needs
to define the overall detection strategy and its concept of operations.
Level 3: Low level screening for some level of assurance of prohibited item detection.
Level 4: Comprehensive screening for high assurance of prohibited item detection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 51 OF 3 11
A comprehensive screening process is required for detection of a wide and complex range of items.
Therefore, the detection approach will need to rely on a range of searching and screening methods,
more likely in a layered system to be able to provide various assurance levels.
5. Throughput Analysis
Dependent upon the search and screening method / equipment / process used, there will be a variable
throughput rate. This should be considered in relation to:
•
Capacity – the number of persons to pass through the process.
•
Flow rate – the rate of which a person is screened, dependent upon the chosen screening method /
equipment.
•
User arrival process – the variable rates in which users will arrive.
•
Customer journey – the level of interaction that is acceptable.
An example throughput matrix is as follows:
Location
Main Entrance
Expected
Arrival
Capacity
(15 mins)
Flow rate
(each lane per
minute)
(per 15 mins)
Lanes
Required
235
6
90
(2.6) 3
Single Lane
Capacity
Space
Required (per
lane)
Min 10.0m x
12.0m
The throughput flow rate is likely to be variable, with delays caused by user non-compliance likely at
either the Preparation Process Zone or Response Process Zone, complexity of what is being screened
or detections. As part of the screening process, the potential for reductions in throughput can be
addressed, by:
•
Communicating the expected arrival process to the users.
•
Clear policies on prohibited items, communicated to user pre-arrival.
•
Allowable bag sizes communicated to user pre-arrival.
•
Allowing sufficient spatial allocation for the process to take place.
•
Having a quick and defined interdiction policy within the response process zone.
6. Example Screening Measures
The table below provides examples of varying types of screening technology. The designer should
select the relevant screening process / measures, based upon their specific use case performance
requirements. Throughputs should be clarified with manufacturers with evidence of the achievable
throughput given.
Example Measure
Usage Characteristics
CT Scanner
•
Baggage scanning.
•
Detects prohibited items with 3-D model of
contents.
•
High level of assurance for detection.
•
Throughput (200 – 300 people per hour).
•
Analytics to aid detection of prohibited items.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 52 OF 3 11
Example Measure
Usage Characteristics
Millimetric Wave Scanner
•
MMW scanner for persons.
•
Profile images of person, showing concealed
items.
•
Analytics to aid detection of prohibited items.
•
Throughput (150 – 300 people per hour).
•
WTMD portal for persons.
•
Alert when metal object passes through.
•
Varying levels of sensitivity to provide for
required threat type detection, and level of
assurance.
•
Throughput (350 – 400 people per hour).
•
Passive scanning system for persons, with
person screened whilst in transit.
•
Detection of mass casualty threat items.
•
Throughput system (Optimised 3,500 people per
hour).
•
Limited level of assurance for detection.
Walk Through Metal Detector
Mass Casualty Threat
It is important that the designer is aware of, and respondent to, the limitations of any screening process
employed.
For example, mass casualty passive scanning could be unreliable if multiple persons pass through
simultaneously and if complicated bags are carried – this would require a supporting technology,
management process or design to ensure that the potential for residual risk is limited.
7. Intervention Plan
As identified in the throughput analysis, clear policies in the Response Process Zone are required to
support both the throughput and also the integrity of the process. The process becomes redundant
without a clear intervention plan to prevent the detected item from being carried beyond the control line.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 53 OF 3 11
A defined intervention plan must be developed by the designer in order to support the screening
process. This should take account of:
•
How will alerts be generated when a prohibited item is detected?
•
How will such alerts be dealt with? Will this be an automated or human response?
•
What enhanced screening will a person be required to undertake to resolve a first alarm?
•
Is there sufficient area for a person to be dealt with, in a rejection zone?
8. Design Considerations
The following further design considerations will need to be taken into account:
•
Architecturally lead – there is opportunity for the design to be incorporated within the architectural
design principles of the project. The design and process should aim to improve the visitor / user
journey and look to use innovative design features to make the screening process as seamless as
possible.
•
MEP – screening equipment requires power and data, which should be coordinated with design
teams. This will be required for both permanent screening locations, and any temporary ‘pop-up’ or
scalable screening locations.
•
Spatial allocation – adequate spacing for the screening equipment, and to allow for the throughput of
screened persons is required. This also needs to provide sufficient space for security operators. The
spatial allocation can be large, especially with a high volume of people, bags or goods.
•
Lane design – coordinated design to provide for maximum efficiency and user experience, ensuring
lane design is easily accessible and supportive of required throughput, e.g. appropriate length of
tray roller beds for luggage screening.
•
Ground loading – screening equipment such as CT scanners are heavy pieces of equipment. The
ground loading should account for the equipment.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 54 OF 3 11
Reference Standards
The following reference standards are the minimum standards for searching, screening and detection
technology.
Standard
Description
EN 62368-1 + A11
Audio/video, information and communication technology equipment. Safety
requirements.
BS EN IEC 61000-6-1
Electromagnetic compatibility (EMC). Generic standards. Immunity standard for
residential, commercial and light-industrial environments.
ASTM F3356
Standard Specification for Conformity Assessment of Metal Detectors Used in
Safety and Security.
ASTM F2401
Standard Practice for Security Checkpoint Metal Detector Screening of Persons
with Medical Devices.
STM C1270 - 97
Standard Practice for Detection Sensitivity Mapping of In-Plant Walk-Through
Metal Detectors.
ASTM C1269 - 97
Standard Practice for Adjusting the Operational Sensitivity Setting of In-Plant
Walk-Through Metal Detectors.
ASTM C1238 - 97
Standard Guide for Installation of Walk-Through Metal Detectors.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 55 OF 3 11
A17: Security Control Rooms and Monitoring Points
This section covers the fundamentals of Security Control Rooms (SCR) design throughout the NEOM
region. These facilities provide a point of consolidation for operators to obtain information on the status
of related security systems and operations. Control rooms where practicable should be within walking
distance of other static security locations, such as gatehouses, monitoring points etc.
A structured design process should be followed in the development of all control rooms environments
with a human centred approach to meet with the demand for the number of systems, sensors and
services which are controlled or monitored by the operators.
Spatial requirements should be identified early, including UPS locations, welfare and operator space.
Defining the operational requirements for the SCR is therefore a key initial step that the designer must
undertake at the start of the design process.
Systems
The operation and control of each system needs to be determined prior to the development of a SCR
design. Security systems will vary dependant on the site application with some large sites or integrated
regional systems being responsible for all aspects of control and operation.
Typical security applications featured within an SCR include but are not limited to some of the following
applications:
•
Intruder Alarm Systems.
•
Access Control.
•
Video Surveillance.
•
Perimeter Intruder Detection Systems.
•
Security Lighting.
•
Alarm Signalling.
•
Intercom Systems.
•
Radio Communications
•
Vehicle Barrier Controls.
•
User Interface.
•
Other non-security systems that are critical to the site, e.g. development/industrial freezer alarms.
A Physical Security Information Management (PSIM) system should be used to harmonise the various
systems and consolidate the interface to a single user interface.
The need to integrate systems should be carefully considered to ensure integration is the appropriate
option.
Redundancy and System Resilience
The security systems with the exception of field devices (intrusion detection sensors, cameras, card
readers, radars) shall exclude single point of failures, such that a single component failure cannot
disable the system function.
All security systems core computing and network components shall be in a high-availability configuration
to ensure availability of not less than 99.95% per component. These components specifically include:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 56 OF 3 11
•
Servers.
•
Network Video Recorders (NVR).
•
Operator workstations.
•
Administration workstations.
•
Archive and back-up systems.
•
Network switches, routers and firewalls.
Exception: industrial ethernet switches supporting single field devices are excluded from the above
requirement.
The high-availability requirements detailed above can be achieved by a combination of:
•
Separate redundant units, such as primary and back-up units.
•
Single units with fully redundant hot-swappable components of CPU, memory, power supply,
network cards, hard-disk storage, etc.
•
Virtual computing architecture.
The critical computing and network equipment shall also have a spare capacity as follows:
•
20% spare capacity of all computing power (RAM & CPU).
•
20% spare capacity for all network physical ports.
•
20% spare capacity for all network bandwidth (within the site security network).
•
50 % spare capacity for all hard disks.
Field devices (intrusion detection sensors, cameras, card readers, radars) shall be in a redundant
configuration only if a single device failure will significantly disable the system function.
Automatic switch-over function shall be enabled between all redundant components without loss of
operational function or data.
Computer Hardware
Computer hardware applied as a component of security systems shall be of the latest generation
available at the time of project proposal design completion. The hardware shall have adequate memory
and processing capacity to ensure no latency to allow real-time operation in all operational conditions.
Operating system and applications shall be installed on a Hard-Disk Drive (HDD) or Solid-State Drive
(SDD) while data shall be stored on a separate discrete physical HDD or SSD.
Operating Systems
Operating systems used for the security system shall be latest version and have full mainstream support
from the manufacturer.
All service packs, and other Operating System updates, shall be installed prior to system
commissioning.
Data and System Backup
The systems shall be equipped with mechanism to provide full back-up every 30 days and daily
incremental back-ups. Back-up operations shall not interrupt the system operation.
Back-up records shall be stored off-site and accessed only by authorized personnel.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 57 OF 3 11
Date/Time Synchronization
All devices connected to the security systems shall have their date and time synchronized via a
centralized or distributed time servers.
Tamper Protection
All security system field components shall be equipped with tamper protection that will annunciate an
alarm if any attempt is made to tamper with system elements.
All junction and pull boxes, mounted externally, shall use tamper-proof screws for all fasteners. All
outdoor cables shall be protected in steel conduits.
Openings in the system housing shall be sealed.
Component Failure Alarms
The system shall annunciate an alarm when the function of an operational component is lost (e.g. field
devices, UPSs, generators, etc.).
False Alarm Reduction
The system control panels shall observe guidelines in ANSI/SIA CP-01-2014, False Alarm Reduction
Standard, into the system design and material selection to reduce the incidence of false alarms.
Integration
The SCR shall be integrated into central Security Control Center (Emergency Center / 911 Building).
UPS and Emergency Generators
For Sites with a Restricted Protection Group, on-site dedicated UPS and emergency generators shall be
provided for Security systems.
The UPS shall have battery capacity to power its maximum rating for 2 hours minimum and it shall be
sized with 30% spare capacity over and above the actual calculated load.
The emergency generator shall be sized to power all security systems & devices, air conditioning,
lighting, fence lighting and communication equipment installed at the security facility while maintain 20%
spare capacity.
The generator shall be able to sense power failure at the incoming local utility power feed to the security
system and initiate start-up. The fuel tank for the generator shall have a low-fuel level alarm connected
to the gatehouse and Central Security Control Center that triggers when the fuel level drops to 10% of
full capacity.
Policies
Clear policies should be developed in terms of the day to day operation and responsibilities within the
SCR environment to ensure activities are adhered to and the integrity of the SCR is maintained.
Policies should include training and communications, division of work and tasks, competencies and
management, code of conduct and auditing. The designer will need to provide a concept of operations
for the SCR that demonstrates how it functions day to day, and also during an incident.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 58 OF 3 11
People
The SCR will comprise a number of system interfaces both “hard” (panels, controls devices) and “soft”
(computer and digital interfaces) to accommodate the daily operations, such as:
•
Control Panels.
•
Operator Consoles.
•
Safety Systems.
•
Displays Screens and Walls.
•
Furniture.
•
Welfare Facilities.
Once a study has been undertaken to determine the operational requirements of the SCR a User
Centred Design (UCD) should be undertaken as the amount and type of information that an operator
can monitor is limited and errors can occur if over-burdened with duties.
Resilience
The systems being managed by the SCR should be resilient against both attack and failure.
Consideration should be given to redundancy of systems and back-up and/or failover of critical power
and communications connections in the event of an outage or incident response.
As the SCR is a critical room, the routing of other building services through the room should be avoided,
where these services could cause damage. e.g. water pipes.
Physical SCR Design
Spacing should be assessed for the mounting of display and control equipment throughout the SCR and
how operators will interact with the systems.
The layout of furniture, lighting and temperature all have to be considered to achieve a suitable working
environment for operators allowing them to conduct tasks unhindered.
Working spaces should be considered for operators, managers, incident rooms, collaboration spaces,
welfare facilities.
Operator consoles should be suited to meet the necessary equipment required:
•
Display screens:
o
The system shall have 4 levels of integrated display for security operators. All displays shall be
1080p or higher definition. Displays shall be adequately sized for the application and shall have
capability for 24/7 operation.
▪
Display 1: Overview Map.
▪
Display 2: Video Split-Screen Display, dedicated to viewing camera feeds, user selectable
or sequenced, and shall automatically switch to alarm zones display during an alarm.
▪
Display 3: Index display, listing all cameras or alarm zones.
▪
Display 4: PTZ Camera Display.
•
Keyboards.
•
Camera control equipment.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 59 OF 3 11
•
Telephones.
•
Hard wired panels and controls.
•
Space to undertake paperwork.
Enough displays should be provided to carry out duties and sized accordingly, including visual access to
a display wall if required.
The console design should be ergonomically correct to meet with the demands of the operator and
provide a comfortable working position including:
•
Vertical, horizontal and lateral clearance for the legs, knees and feet under the work surface.
•
Work surfaces at or slightly below elbow height.
•
Instruments and displays located in appropriate visual zone.
Further Considerations
For larger SCRs there are other areas of consideration which supplement the SCR. These areas are
detailed below with insight as to scaling and location in relation to the SCR.
Room
Sizing
Location
Equipment room
Number of cabinets, including potential
future additions.
Direct access from Control Room?
Engineering Support
Room
Number of people, furniture and
equipment. Consider ʻnormalʼ support and
demanding situations e.g. commissioning.
Engineering support desks may be
located in the Control Room or
Equipment Room in addition or as an
alternative. Location should be
determined by the required
interaction between Engineers and
operators.
Electrical power
room
May need to be partitioned (e.g. between
transformers, switchgear and UPS and
between redundant feeds).
Access restricted to authorised
persons.
Environmental
services/HVAC
Number of Air Handling Units (AHU),
heating and cooling plant.
Noise and maintenance access.
Meeting rooms
Number of people, furniture and equipment.
Will operators need to attend
meetings whilst on duty?
Offices
Number of people, furniture and
equipment. Particular consideration for
Supervisors and Plant/Field Operators.
Direct access from Control Room?
Able to see into or monitor activity in
Control Room?
Training facility
Furniture and equipment.
Will operators need to attend
meetings whilst on duty?
Kitchen/dining
Food storage for each team/shift
(lockable), preparation and cooking
facilities. Dining furniture
Access for duty CRO.
Room
Considerations regarding size.
Considerations regarding location.
Drinks lounge
Access to drinking water. Tea/coffee
making facility
Access for duty operators.
Toilets
Male, female and disabled.
Access for duty operators.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 60 OF 3 11
Room
Sizing
Location
Showers
Male, female and disabled.
Clean and dirty areas.
Personal storage
Storage for clothing and personal items.
Provision for secure storage (lockers).
Work item storage
PPE, cleaners’ equipment and materials,
office supplies, plant spares, portable
communications. Adequate to contain any
special maintenance or cleaning
equipment to be used in the Control
Building (e.g. cleaning or maintenance of
a room with a high ceiling).
Document Library
Books, manuals, drawings. Access to
electronic copies, local backups.
Access for duty operators.
Visitor facility
Reception area. Viewing gallery.
Controlled access.
Prayer room
Cultural requirements.
Access for duty operators.
Muster area
Maximum number of people to be
accommodated. Emergency equipment to
be stored.
May be combined with another use or
located in another room. Mustering in
the Control Room should be avoided
because it can cause distraction.
Incident command
centre
Maximum number of people making up
the command team.
Access for duty operators and
communication links with Control
Room during an incident. Control
Room may be used for this.
Collaboration or
Video Conference
Room
Number of people, equipment to be used.
Typically to facilitate
Direct access from Control Room?
collaboration with remote operations
and technical support teams.
IT Support
Number of people, furniture and
equipment.
May be as part of the control room or
as a separate room.
Humans System Interfaces
A SCR operators’ role involves the monitoring and controlling of security systems and detecting
assessing and responding to events.
A Physical Security Information System PSIM should be utilised to consolidate various events and alerts
from security systems and present them in a Guided User Interface or GUI. For smaller systems, this
may be achieved through either the access control or VSS head end software.
The GUI should collect and present data from all integrated systems and devices enabling the operators
to carry out their tasks efficiently.
The PSIM should assist operators in their roles by automating and prompting certain aspects of
operations through a structured cause and effect matrix by aggregating information from various
systems and automating processes to effectively manage events and initiating the appropriate response.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 61 OF 3 11
Reference Standards
The following standards should be used when developing the SCR design:
Standard
Description
BS EN ISO 11064
Ergonomic design of control centres.
BS 6396
Electrical systems in office furniture and educational furniture
Specification.
BS 7083
The accommodation and operating environment for Information
technology (IT) equipment.
BS EN 50398-1
Alarm systems. Combined and integrated alarm systems.
General requirements.
BS 7958:2015
Closed circuit television (CCTV). Management and operation.
Code of practice.
BS 8418 + A1
Installation and remote monitoring of detector-activated CCTV
systems. Code of practice.
BS EN 62676 Series
Video surveillance systems for use in security applications.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 62 OF 3 11
A18: HVAC, Intakes and Ducting
This section should be read where the Security Threat and Risk Assessment has identified a need for a
secure and resilient HVAC system. This will be a requirement for critical facilities and also all facilities
where there is a crowded internal space, such as an arena, station or hospital.
Given the climate in NEOM, HVAC systems will be widely used across all indoor spaces, it will perform a
key function in ensuring a comfortable environment for all NEOM Citizens and Visitors. If an individual
HVAC system within a key asset or an industrial control facility was disabled during the summer months,
then this would likely result in a level of discomfort that could lead to disruption.
It is anticipated, however, that consideration of this aspect will be included within the MEP design and it
not an additional concern for security.
This functional requirement is concerned with facilities that may be targeted by and, in an unmitigated
state, be vulnerable to a CBRN attack.
Overview
Mechanically ventilated spaces provide a viable means to disseminate chemical or biological agents
within a building.
The use of contaminants within the built environment, to date, has been rarely seen, however it should
be acknowledged that threats will likely evolve over time, especially where the building creates a
crowded space. Taking the opportunity to embed good security design practice within NEOM will ensure
that the opportunity for threats, such as CBRN, are more difficult to realise.
Therefore, air intake and recirculation vents should be positioned at a suitable height to make a
deliberate act more easily identifiable by VSS or operational staff.
Performance Requirements
Air Intakes and HVAC Ducting
All air intakes should be positioned where possible at a suitable height above grade level to deny
physical access to the air intake, especially to deny the introduction of vapours, gases and liquids.
The minimum height above accessible areas should be 3.0m from the most advantageous attack point.
If a building or space is classed as a Protection Group Restricted, then the minimum height should be
increased to 4.0m.
If air intakes are placed on roof levels, then access to the roof space should be controlled, with no public
access allowed within the vicinity of the vents.
Where a suitable height above grade cannot be achieved, intakes should be protected with appropriate
architectural covers or grates in keeping with the appearance of the facility.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 63 OF 3 11
Ducting, access hatches and inspection points should all be positioned in back of house areas and fitted
with either locks or anti-tamper fixings as appropriate.
For buildings that are classed as Protection Group Restricted, and Enhanced if identified as a
specific vulnerability during the STRA:
•
All HVAC intakes shall be positioned a minimum of 4.0m above FFL and positioned behind a
secure physical barrier.
•
Where a physical barrier is not desirable or practical, the HVAC intakes should be positioned a
minimum of 5.0m above FFL.
•
All HVAC intakes vents should be fitted with louvres and grilles, to mitigate against
unauthorised access by persons and materials.
•
For secure rooms, or sensitive areas (i.e. Control rooms or Protected spaces) these should
have isolated ventilation systems designed in and be separate from the main building
ventilation systems.
•
HVAC systems should be supported by suitable UPS to ensure a minimum level of redundancy
is achieved.
•
VSS and detection capabilities should be designed to provide monitoring and alarm functions at
HVAC intake locations with alarms to the Security Control Room.
•
The ability to stop intakes and reverse air flows via the Building Management System should be
possible.
•
If indicated by the STRA process for blast related threats – Restricted sites, facilities and
buildings shall consider the inclusion of blast protection valves and dampers to reduce the
internal effects of adverse loading.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 64 OF 3 11
Reference Standards
The following standards should be used when developing the HVAC design:
Standard
Description
ASIS POA
Protection of Assets Manual.
ASHRAE. 2003
Risk Management Guidance for Health, Safety, and
Environmental Security under Extraordinary Incidents.
Presidential Report of the American SCRiety of Heating,
Refrigerating and Air-Conditioning Engineers.
ANSI/ASHRAE 52.1-1992
Gravimetric and Dust Spot Procedures for Testing Air-Cleaning
Devices Used In General Ventilation For Removing Particulate
Matter.
ANSI/ASHRAE Standard 55-2004
Thermal Environmental Conditions for Human Occupancy.
ASHRAE 62.1 - 2019
Ventilation for Acceptable Indoor Air Quality
DHHS (NIOSH) Publication No. 2002-139
Guidance for Protecting Building Environments from Airborne
Chemical, Biological, or Radiological Attacks.
Saudi Building Code (SBC) 2018
The Saudi Building Code (SBC) is a set of legal, administrative
and technical regulations and requirements that specify the
minimum standards of construction for building in order to
ensure public safety and health.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 65 OF 3 11
Annex B - Security Functional Requirements (Industrial)
Environmental Requirements – All Systems
All systems in NEOM must perform without degradation caused by environmental influences and
weather conditions. Therefore, all systems should comply or exceed the following requirements.
Minimum environmental conditions shall comply with those related to Telecommunications spaces as
per BICSI-TDMM latest edition.
All security spaces (including Security Equipment Rooms, Security Rooms, Security Entrance Facilities,
Security Enclosures/Cabinets) shall be cooled by redundant split or central air-conditioning units.
No cabling associated with security should be exposed.
Environmental Considerations
Minimum Performance Requirements
Wind, rain, hail and potentially snow.
•
IP66 and NEMA 4X-rated.
•
All devices such as camera columns shall be provided with
deflection analysis based on the local wind conditions to ensure
products are fit for purpose.
•
Minimum wind speed conditions: 112km/hr unless 20 year data
available.
Temperature variances.
The Working environment
-10 °C to +65 °C (-14 °F to 149 °F) including direct sunlight and shall
include temperature rise inside the cabinet.
Maximum temperature (intermittent): 65 °C (149 °F)
Humidity 5 – 100% RH (non-condensing)
-10 °C to +65 °C (-14 °F to 149 °F) when IR LEDs are off.
Light sources, including the sun.
•
Outdoor equipment should be designed to operate without air
conditioning or a forced air ventilation system and shall be able to
function continuously within its own specific environment
conditions.
•
Window type air conditioners shall not be used for cooling any
security facilities or equipment.
•
Outdoor equipment should be designed to meet the specified
performance required under the full range of the local
environmental conditions.
•
Equipment not capable of meeting environment requirements
should be installed in a cabinet with active cooling.
•
Capable of incorporating auxiliary equipment (coolers, heaters)
only if required.
•
Sun-shaded as necessary.
Minimum Illumination
•
With Wide Dynamic Range - forensic capture & Light finder
Colour: 0.1 lux at 30 IRE, F1.6, B/W: 0.008 lux F1.6, 0 lux with IR
illumination on.
•
Colour: 0.15 lux at 50 IRE, F1.6, B/W: 0.01 lux, F1.6, 0
lux with IR illumination on.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 66 OF 3 11
Environmental Considerations
Minimum Performance Requirements
•
Products where possible shall be provided with a sunshield to
reduce glare and thermal overheating.
Privacy regulations related to specific
public areas.
All cameras to be capable of creating privacy masking in accordance
with the Human Rights Act 1998, Anti Cybercrimes Law 2017, The
National Data Governance Regulations 2020.
Wildlife including birds.
Video Analytics - To Avoid False Alarms/Triggers
Water, dust and corrosion.
•
Included video motion detection, fence guard, motion guard,
loitering guard, Auto tracking, Active Gatekeeper.
•
The video analytics system shall assist an operator in rapidly
locating and determining the cause of sensor alarms by
identifying activity in the camera scene where potential risk exists
in the area being monitored. The processing shall allow the
detection of abnormal behaviour such as, but not limited to,
activity at a time when no activity is expected, packages left
behind, entry into a restricted area or approach to a restricted
area.
•
Support for installation and integration of third-party applications.
Equipment Housing
•
IK08, IK10 housing and mounting, IP66- and NEMA 4X-rated.
•
Airborne Dust: Average 0.3 mg/m / Sandstorm 3 mg/m.
•
Re-coatable metal casing (aluminium), hard coated.
•
Lightweight, rugged.
•
Polycarbonate clear dome with Sharp dome Technology.
•
All coastal devices to be suitable for marine environments.
The following shall comply with BICSI-TDMM:
•
Security Spaces (i.e. security rooms) and related elements (i.e. HVAC and fire protection)
specifications for Telecommunications spaces.
•
Security indoor cable distribution systems (i.e. cable trays, conduits, grounding).
•
Security outdoor cable distribution systems (i.e. manholes, ductbanks, grounding) shall comply with
BICSI-OSPDRM.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 67 OF 3 11
Testing Requirements – All Security Infrastructure
General
•
The first training class should be scheduled so that it is completed about 30 days before factory
acceptance test (if conducted) or site acceptance test begins.
•
Equipment performance testing is designed to determine whether equipment is functional, has
adequate sensitivity, and will meet its design and performance objectives. It is not sufficient for a
component to meet the manufacturer’s standards if the component proves ineffective during testing.
•
Testing of the operational security structure should be undertaken.
•
Standard compliance testing (SCT). SCT encompasses both NEOM standards and industry
standards.
•
Original copies of all data produced during any testing should form part of the handover
documentation at the conclusion of each phase of testing, prior to approval of the test. This
documentation also describes who will witness all testing activities. The contractor will be required to
obtain written permission from NEOM before proceeding with any testing.
•
Any component that is a part of the security system should be tested. In addition to component
testing, subsystem and complete system tests will be specified to ensure that the system performs
according to the design.
•
Before testing, the customer (or the contractor) should develop (design and prepare) a detailed test
plan. The test plan specifies the testing approach that will be taken, what will be tested, when it will
be tested, how it will be tested, and who will perform the testing.
Pre-Delivery or Factory Acceptance Testing (FAT) / Initial Acceptance test (IAT)
•
The FAT should demonstrate the concept and functionality, including integrated activities prior to
any installation at the site. The FAT should be witnessed and reported upon by the designer.
•
All data produced during FAT, including the results of each test procedure, should be delivered to
the designer and NEOM for approval of the test.
•
All deficiencies noted in the FAT should be resolved to the satisfaction of NEOM before installation
and acceptance testing. The contract agreement should be written so that NEOM has the option of
cancelling the contract if any major issues identified during the FAT cannot be resolved within a
reasonable Period.
Site acceptance Testing (SAT)
•
SAT should be started after written approval has been received from NEOM regarding any previous
testing activities or installation problems.
•
Before conducting the site testing, the contractor should provide a report to the designer and NEOM
describing results of previous acceptance tests, functional tests, diagnostics, and calibrations,
including written certification that the installed, complete system has been calibrated and tested and
is ready to begin SAT. This report should be received at least two weeks before the start of SAT.
The report should also include a copy of the approved FAT procedures. The contractor should be
instructed that NEOM or its agent may terminate testing any time the system fails to perform as
specified.
•
Using SAT procedures, the contractor should demonstrate that the completed system complies with
all the contract requirements. All physical and functional requirements of the project should be
demonstrated.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 68 OF 3 11
•
Upon successful completion of the SAT, the contractor should deliver test reports and other
documentation to the designer and NEOM before commencing further testing. The contractor should
deliver a report describing results of functional tests, diagnostics, and calibrations, including written
certification that the installed, complete system has been calibrated and tested and is ready for
reliability testing. The report should also include a copy of the approved SAT procedures.
Reliability Test or Operational Availability Testing (OAT)
•
OAT is usually conducted over a 30-day period (24 hours per day for 30 consecutive calendar days).
The purpose of the test is to ensure that the system under test can operate reliably and stably for an
extended period.
•
OAT should not be started until NEOM notifies the contractor, in writing, that all acceptance testing
has been satisfactorily completed, training (if specified) has been completed, and all outstanding
deficiencies have been corrected.
•
The contractor should provide one representative to be available 24 hours per day, including
weekends and holidays (if necessary), during OAT.
•
NEOM may terminate testing whenever the system fails to perform as specified.
•
OAT is best conducted in alternating phases (15-day Phase I and 15-day Phase II) of testing and
evaluation to allow for validation of the tests and corrective actions. The contractor should make no
repairs during any phase of testing unless authorized by NEOM in writing.
•
After each Phase testing, the contractor should identify all failures, determine causes of all failures,
repair all failures, and deliver a written report to NEOM. The report should explain in detail the
nature of each failure, corrective action taken, and the results of tests performed; it should also
recommend when to resume testing. About a week after receiving the report, thedesigner should
convene a test review meeting at the job site to discuss the results and recommendations. At the
meeting, the contractor should demonstrate that all failures have been corrected by performing
appropriate portions of the acceptance tests. Based on the contractor’s report and the test review
meeting, NEOM may set a restart date or may require the Phase repeated. The contractor should
not commence any required retesting before receiving written notification from the customer.
•
If the system experiences no failures during Phase I testing, the contractor may proceed directly to
Phase II testing after receipt of written permission from NEOM. Otherwise, the testing and
assessment cycles continue until the testing is satisfactorily completed. (The process is repeated
until the system either achieves the desired availability or the project team determines whether to
accept the system or make design changes.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 69 OF 3 11
After-Implementation Testing
Several tests may be conducted after implementation or when the system has begun it useful life, such
as these:
•
Operational test (periodic tests to prove correct system operation but do not involve verification of
equipment operating specifications)).
•
Performance test.
•
Post-maintenance test (operational test conducted after preventive or remedial maintenance).
•
Subsystem tests (ensure that large parrs of the system are all working together as originally
designed).
•
Limited scope tests (test a complex system which is broken down into several subsystems or
segments that are tested separately).
•
Evaluation tests (periodic test, performed at least once a year, to validate the vulnerability analysis
and ensure that overall effectiveness is being maintained).
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 70 OF 3 11
B1: Video Surveillance Systems and Video Analytics
Security Functional Requirements are included in the NEOM Security Standard to provide minimum
levels of appropriate security based upon the likely security related risk a facility, site or element of the
built environment may be subjected to in its final operational state.
Overview
This Section defines the performance requirements and design considerations that need to be taken
into account when designing Video Surveillance Systems (VSS) within NEOM.
The designer is required to produce field of view (FoV) traces for any camera included in their
design scheme. The coverage overlay must include where a camera will also incorporate a
video analytic, and the type of analytic being used.
Invisible and Discrete Surveillance
A key element of the NEOM community is privacy, and therefore VSS should only be used where
required and supported by the specific location Security Threat and Risk assessment. When required,
the design of equipment and infrastructure should be carefully considered and combined with other
infrastructure elements wherever possible. i.e. the placement of cameras in wayfinding totems,
lighting units etc.
Whilst, cameras should not be hidden, they should be discretely placed as not to detract from the
overall environment in the specific area. They must also take account of lighting schemes to ensure
the image quality is not degraded or obscured by either artificial or natural light levels across the year.
Exceptions to this are where a strong visible security presence is required to provide a robust
deterrent effect. The need for a strong deterrent effect should be identified through the Security
Threat and Risk assessment completed by the designer. It is expected this effect will be required for
facilities and sites with a protection grading of Restricted but may also apply to specific areas of an
Enhanced security site.
Areas Where Surveillance Will Be Required
The following areas should always be considered for surveillance. Where not included in the design
scheme, an exceptions matrix should be produced to evidence why surveillance is not required or is
not appropriate.
•
Automated vehicle entry points.
•
External access points onto sites for vehicles and pedestrians.
•
VSS in support of any intruder detection systems to provide as a minimum verification of the
alarm state, but also to provide tracking of an intrusion at perimeters as appropriate.
•
Vulnerable internal areas, including:
o
Main reception points.
o
Key access control points.
o
Front of House routes.
o
Computer Equipment Rooms (CERs).
o
Server Equipment Rooms (SERs).
o
Security Control Room.
o
Critical power supply areas and plant rooms.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 71 OF 3 11
o
Accessible communication route points.
o
Fire Command Centre.
o
Loading and delivery bays.
o
Lifts, lift lobbies and escalators, to capture key movement nodes.
o
Stairwells, for safety and to capture key movement nodes.
o
Border security locations and boundaries.
Regulatory requirements that are incorporated into NEOM should be complied with in all
circumstances.
Specific requirements for facilities that are at border locations will be required and should be
discussed with the NEOM Border Security Lead.
Performance Requirements
The following minimum performance requirements should be taken into account when developing the
VSS design.
System Element
Requirement
Cameras
•
High Definition (HD) minimum, with suitable higher resolution
cameras where appropriate, including 360o cameras. (1920 x 1080
minimum)
•
IP cameras only.
•
Colour images at all image quality levels including low light to 0.05
Lux.
•
Support privacy zoning.
•
Support edge recording onto storage cards.
•
Suitable for IR illumination where visible light is not available.
•
ONVIF compliant in conjunction with the VSS.
•
Thermal cameras should be suitable for the usage and have a
minimum resolution of at least 320 x 240.
•
Support video analytics.
•
The VMS must be fully configurable and upgradable to extend its
operational lifespan. Including flexible licensing.
•
The VMS must have a single common and configurable Graphical
User Interface (GUI).
•
The VMS must provide audible and visual alarm indication.
•
The VMS must provide full IP camera support, graphical mapping,
integration, reporting, alarm management, remote access and user
profile management.
•
The VMS must support individual camera quality and recording
settings.
•
The VMS must provide alarm/event displays and recording.
•
The VMS must provide a minimum of 90 days of VSS camera video
storage according to the recording schedule.
•
The VMS must be fully resilient and redundant with availability not
falling below 99.9%
Video Management System
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 72 OF 3 11
System Element
Recording
DOCUMENT CODE: NEOM-NSE-PRC-001
Requirement
•
The VMS provide configurable reporting for audit purposes to include
but not limited to event logs, user transactions, alarms, etc.
•
The VMS will allow reports to be automatically generated on a
scheduled basis and that can be emailed to specified recipients.
•
The VSS cameras must be recorded and stored locally onsite via a
resilient and redundant infrastructure, or off-site storage must offer
the same levels of resilience and redundancy.
•
Must support video wall usage.
•
All cameras shall be geospatially mapped to provide physical
coordinates of each device. This capability shall be used to display
imagery and alarm data on GIS maps that correlate each camera
location to the map.
•
Fully functional VSS cameras must be controllable via the VMS using
a mouse or a USB PTZ control unit and support primacy control.
•
The entire VSS system shall be capable of resisting mains power
spikes and fluctuation and an indirect lightning strike and its
associated EMP.
•
The VMS will provide a graphical mapping interface with dynamic
VSS device icons.
•
The VSS system shall support secure and encrypted communication.
•
The VMS must support controlled, secure and auditable data
exporting to approved storage devices.
•
The VMS will support instant video recording and data tagging via
user initiation.
•
The VMS will support the use of mobile devices (including body-worn
cameras) for both live and recorded images, and remote monitoring.
•
VSS system must support 180 and 360-degree cameras with dewarping and recording.
•
VSS system shall include the ability to pixelate any area of recorded
video footage.
•
The Video Recording server software must have configurable
settings for individual cameras and record images with a time and
date stamp.
•
The video from all cameras must be stored and be available for
viewing locally and across the network.
•
The video recording servers must be capable of recording IP camera
video feeds.
•
The video recording servers will be installed, and rack mounted in a
suitable location such as an IT Comms/Server room with resilient
network and power connectivity.
•
The video recording servers must alarm if a camera is lost, if a disk
fails, if power or communications are lost via the VMS.
•
The video recording server must receive a hard or soft shutdown
trigger from a UPS unit where installed.
•
Background recording rates unless stated as regulatory requirement
will be 6pps (pictures per second).
•
If event or alarm activated the recording rate will rise to 25 - 30pps.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 73 OF 3 11
System Element
Requirement
•
•
Image retention will be as follows:
o
Restricted Protection Group – 90 days.
o
Enhanced Protection Group – 90 days.
o
Baseline Protection Group – 30 days.
o
All groups alarm events – 90 days.
Where surveillance assets provide imagery that supports NEOM
border security, image retention will be 180 days.
Minimum Resolution Requirements
Resolution is defined in the following matrix. It is the responsibility of the designer to confirm any
resolution requirements based on their specific development. Both internal and external cameras will
be installed based upon the six image categories defined in the following matrix.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 74 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 75 OF 3 11
Image Standards to be Used
Resolution Requirement
Pixels Per Metre (ppm)
Strong Identification
1000
Identification
250
Recognition
125
Observation
62
Detection
25
Monitoring
12
Automatic Licence Plate Readers
•
ALPR will only be utilised where non-automated vehicles will be used in the region.
•
Automated vehicles will carry transponders to aid their real time recognition and vehicle
movement.
•
Where ALPR is employed it will be required to record vehicle entry and exit from a facility or site.
This is mandatory for Restricted and Enhanced Industrial sites.
Operational Issues
•
The VSS cameras and VMS will be reliant upon a suitably resilient network infrastructure.
•
The UPS will need to shut down the VMS/video recording servers correctly after an agreed period
of time following a power failure if the backup generator does not come online.
•
Regular system maintenance must be carried out otherwise the images captured will lose clarity
and may not meet the capture requirements.
•
VSS data requests may be made by authorised organisations and these will need to be approved
by NEOM Public Safety Department in-line with NEOM Data Privacy Policy.
Key Functional Outcomes
•
The VSS system will provide live and a post-event record of unauthorised access into the
perimeter, buildings and vulnerable areas and of events and incidents on a 24/7 basis.
•
The VSS system will provide instant live coverage with pre/post footage of a detected incident,
initiated by the VSS system itself or via an integrated system.
•
The VSS system will aid situational awareness through blank or ‘priority’ screen monitoring
(monitoring by exception) on site, with the capability of doing the same across all sites during
emergencies.
Integration Requirements
The VSS should be capable of integrating with the following systems, with integration being defined
by the security level required at the facility, site or building.
•
ACS.
•
Security lighting.
•
Intercoms.
•
HVM active barriers.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 76 OF 3 11
•
Physical security documents, policies and procedures.
•
Manned guarding patrols.
•
Other security systems.
•
Ability to export and import movies and images to the system.
•
All security systems shall be integrated to the command and control centre.
Dependent upon the level of integration that is present between systems, linked actions and queued
effects may be required. These should be detailed in a cause and effects matrix.
A brief example of a cause and effects matrix is provided below.
Alarm Indicates On Security Work Station
Camera View xxx available for selection via
Work Station alarm
Event Recorded on Security Database
Effect
Analytic alert activated
X
X
X
Door forced alarm received
X
X
X
Cause
Camera auto-cue to alert/alarm area
Cause and Effects Matrix Example
Video Surveillance System
X
Video Analytics Overview
The use and application of video analytics will be a key method to achieving the NEOM Security
Vision to create safe and secure spaces, enabled through invisible technology.
This section will provide guidance to consultants and designers on the considerations around video
analytics that need to be made.
The application of video analytics should be informed by the specific STRA and any detection and
monitoring requirements. Designers should consider the use of analytics as part of a layered security
system and, in particular, they should be developed alongside the VSS ad IDS designs.
Selection of the correct video analytic is the responsibility of the design team to meet the specific
requirements of their Concept of Security Operations.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 77 OF 3 11
Type of Analytic
The type of analytic to be employed must be carefully considered by the designer, rather than an
‘overarching’ capability statement including a long list of analytics. Therefore, each analytic type and
its purpose should be:
•
Clearly describe the locations and cameras where the analytic will operate.
•
Define what the alert or alarm criteria for the analytic are to be.
•
Define where the alert or alarm will be received.
•
Define the operating details for the analytic, i.e. is it 24hr or time bound, or conditions dependent.
Intelligent Functions
The designer should consider whether self-learning systems, machine learning or AI applications can
enhance the use of a video analytic in their design.
Scene Robustness
The analytics engines must be able to operate effectively, and without undue false alarm rates or
degradation, in the intended operating environment for the surveillance asset/sensor. Therefore,
certain considerations need to be taken into account where the video scene may be unduly altered
without a security incident being actually present. Video Surveillance & Assessment System shall
provide active surveillance capability under all weather conditions. Some examples of weather
conditions are given in the following matrix.
If the analytics provides a critical security function, such as primary source of detection, and it will be
ineffective under certain conditions, as second technology must be utilised to avoid this vulnerability.
Location
Impact
External assets and sensors
Rain.
Dust.
Dense Fog.
Sandstorms.
Wind.
Land Animals.
Birds.
Scenery movement, such as trees, doors or other scene items
not of interest.
Water surface movement and reflections, if applicable.
Waves, if applicable.
Fast changing illumination levels, sunlight, deep shadows or
vehicle lighting.
Low scene contrast.
Low light.
Internal assets and sensors
Doors or Lifts opening.
Escalator movement.
Changing illumination levels.
Reflection from surfaces, including glazing.
Overly crowded image scenes.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 78 OF 3 11
Cameras and Lighting
The choice of camera will assure that the best analytics performance is achieved. The
analytics/camera solution must be able to automatically adapt when a camera or a scene switches
between day and night modes. This should include the selection of the most appropriate image type,
visual, thermal etc.
Fields of View
Video analytics field of view, detection location or coverage must be clearly annotated onto
surveillance overlays that include the camera field of view illustrations.
Fields of view must be shown adjusted to the location, i.e. not just general coverage which goes
through walls etc.
Cameras shall be placed based on local topography and applicable requirements.
A study shall be carried out to define the actual field of view of each camera/lens combination used
and identify blind spots. The study shall consider the actual focal length of the camera lens, camera
pole height, local topography and obstructions in the camera field of view.
Camera coverage shall overlap so there are no blind spots between adjacent cameras exist. Local
terrain shall be used to determine the optimal camera mounting pole height that will meet the
requirements of this standard.
Cause and Effect
A cause and effects matrix must be prepared to support the use of video analytics. Examples of
cause and effects matrices can be found in A1: Video Surveillance.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 79 OF 3 11
Surveillance Analytic Example
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 80 OF 3 11
Reference Standards
The following standards should be used when developing the VSS design:
Standard
Description
BS EN 62676
Video surveillance systems for use in security applications.
BS 7958
Closed Circuit Television (CCTV), Management and operation code of Practice.
BS EN 50130-4: +A1
Alarm systems. Electromagnetic compatibility. Product family standard:
Immunity requirements for components of fire, intruder, hold up, CCTV, access
control and social alarm systems.
NCP 104
NSI Code of Practice for Design, Installation and Maintenance of CCTV
systems, NSI.
BS 8418 + A1
Installation and remote monitoring of detector-activated CCTV systems. Code
of practice.
NFPA 730
Guide for Premises Security.
NFPA 731
Standard for the Installation of Electronic Premises Security Systems.
NFPA 70
National Electrical Code.
NFPA 70B
Recommended Practice for Electrical Equipment Maintenance.
ANSI/SIA CP-01-2019
American National Standard Institute/Security Industry Association – Features
for False Alarm Reduction.
IEC 60529
Degrees of protection provided by enclosures (IP Code)
ASIS FPSM
Facilities Physical Security Measures Guideline.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 81 OF 3 11
B2: Other Surveillance Systems
Overview
This section outlines the requirements of other surveillance technology that is not a major part of the
VSS. In the majority of cases it is envisaged that other surveillance assets will be required at locations of
major regional infrastructure and industrial locations that require either a secure perimeter line or
early/extended detection and monitoring of activity close to the site.
This section is not to define this technology, but to outline the considerations that are for these additional
surveillance technology assets.
Counter-Unmanned Aerial Systems is covered in a separate section that should be referred to if this
threat is a consideration for the facility, site or building.
It is expected that wide-area and extended surveillance systems will be deployed at the following sites:
•
NEOM Industrial City Port.
•
Major industrial sites such as the desalination plant and hydrogen plant.
•
Border security locations and boundaries.
Use of Radar and Long Range Cameras
Surveillance beyond the perimeter of sites that require either early warning or situational awareness
should utilise an integrated radar and long range camera system. The radar detection range should be a
minimum of 2km and the final range should be highlighted by the STRA. The long range camera should
have a minimum range of 1km with image stabilization to provide HD imaging. Both should be
connected to the Command and Control center.
A Radar Video Surveillance System (RVSS) will utilise a single or series of radars dependent upon site
and terrain to provide a wide area, up to 360o coverage across the area of interest. Verification of
detection will be via a dual band camera system incorporating both visual and thermal cameras to
provide a true 24hr long range detection and verification capability.
The system will have the following requirements:
•
Be integrated into external security cameras, which will include:
o
Cameras mounted at the Radar Unit location. These will provide the long-range camera
capability. This is the typical location for thermal band cameras that will be able to provide
verification across the individual radar detection footprint.
o
Cameras located along the site perimeters. Generally visual band cameras with low light
capability.
•
All cameras associated with the RVSS will be networked to allow the RVSS software to select the
camera that will provide the ‘best’ view of the area or object of concern. Networking will also allow
the automatic handoff between cameras so that a continuous visual or thermal verification
accompanies the movement history of an object of interest.
•
The radar will detect multiple potential threats and ‘tagged’ friendly assets to provide strong
situational awareness to the Security Control Room operator.
•
The RVSS will be integrated into an Automatic Identification System (AIS) and ‘friendly asset’
transponder system. This will allow all tagged assets, be that vehicles, equipment or people to be
tracked so that threat analysis and information led security can be applied at the site.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 82 OF 3 11
•
The system will allow asset descriptions to be attached to the asset, so hovering over the asset on
the operator screen will provide details to aid situational awareness.
•
The RVSS will be able to distinguish between vehicles, people and animals based on target crosssectional size and be able to prioritise alerts based on target type, direction of travel and proximity to
specific critical locations at the site.
•
Designed to operate in all weather conditions with minimal effects from adverse weather and
precipitation on detecting intruders.
•
RVSS detection and verification capability will be in the range:
o
Vehicles: 2.0km.
o
Moving people: 1.5km.
•
The radar configuration will allow for full 360° coverage with reliable detection.
•
The PTZ head of the radar system should feature a long range high definition visible spectrum
camera which is coordinated with a digitally zoomed cooled thermal camera. This allows an operator
to switch seamlessly between thermal and visible images to facilitate threat verification and tracking.
•
Low effective radiated power that poses no threat to human exposure.
•
Software enabled masking zones can be configured across the full detection area.
Reference Standards
The designer is to select relevant standards for the technology chosen. These should be submitted to
NEOM Public Safety Department for a suitability check for the proposed installation.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 83 OF 3 11
B3: Access Control Systems
Overview
This Section defines the performance requirements and design considerations that need to be taken
into account when designing Electronic Access Control Systems (ACS) within NEOM.
The designer is required to produce privacy zoning to support their placement of access control points
and lines.
Consideration on the selection of access credentials should be carefully considered and in general
should conform to the scale given below and therefore, the dwell time tolerance also. However, the
process must be suitable for the application, user experience and most importantly achieve the
desired security effect.
Where a site, building or facility is in Protection Group Restricted, and some Enhanced, access
control should have a stronger deterrence effect and therefore may not comply with the concept of
invisible security. However, the application of access control should be layered and provide greater
protection at critical locations. The different application of access control techniques and
authentication should be informed by the privacy zoning mentioned above.
Hands Free / Contactless Operation
Wherever possible, regardless of the Protection Group, it is desirable to make any access control
point a contactless operation. This includes biometrics and this requirement should form part of the
selection criteria used for the authentication method.
Access Control Authentication
It is expected that the type and number of authentication factors will vary across Industrial sites
dependent upon the sensitivity or control required over an area or location. The following guidance
should be applied.
Protection Group
Location
Access Control Approach
Restricted
Critical Area
2 Factor Authentication
(one being biometric / one token issued on-site only)
Read In / Read Out
Restricted
Controlled Area
2 Factor Authentication
(one being biometric)
Read In / Read Out
Restricted
General Area
Single Factor Authentication
Enhanced
Critical Area
2 Factor Authentication
(one being biometric)
Read In / Read Out
Enhanced
Controlled Area
2 Factor Authentication
(one being biometric)
Read In / Read Out
Enhanced
General Area
DOCUMENT CODE: NEOM- NSE-PRC-001
Single Factor Authentication
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 84 OF 3 11
Protection Group
Location
Access Control Approach
Baseline
Critical Area
2 Factor Authentication
(one being biometric)
Read In / Read Out
Baseline
Controlled Area
Single Factor Authentication
Baseline
General Area
Single Factor Authentication
Performance Requirements
Access Control Credentials
Access control credentials shall be divided between different tokens:
•
Mobile Near Field Communication (NFC) and Bluetooth Low Energy (BLE), activated and
authenticated with on-device biometrics. Access control systems shall use encrypted storage
sectors as part of an IoT device architecture to identify the token and access rights associated.
These may be virtualised access card systems.
•
Segregated Access Control Tokens shall be used for high security facilities (nominally all
Restricted and STRA identified Enhanced locations). These tokens will remain within the facility,
site or building and be exchanged to users as part of their entry procedures to provide greater
levels of control over these access tokens. Designs should identify how this will be achieved and
tokens controlled. An alternative is the use of robust biometric controls.
•
Biometric usage is the preferred access control credential due to its uniqueness, either as an
individual or as part of a multi-factor identification/authorisation process. The biometrics below are
arranged in order of preferred method, however these need to be matched to the use case at
each access control point.
o
Facial recognition.
o
Palm vein scanning.
o
Iris recognition.
o
Voice recognition.
o
Fingerprint.
The type of biometric to be utilised should be carefully considered to ensure that its ability to capture
the biometric is not adversely affected by environmental conditions. For example, a visual band facial
recognition camera installed in a location where it is subject to changing strong sunlight will be less
reliable. The same applies to palm vein readers exposed to bright sunlight also.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 85 OF 3 11
The guiding principle is that all access control points wherever possible should be
contactless.
Doors
The following guidance should be complied with:
•
External entrance doors will accommodate door position switches for monitoring as a minimum.
•
Security rated door-sets will be provided where there is a need to delay forced entry, or a secured
zone within the building, and to provide an overall deterrent effect to criminal activity.
•
Access control points at doors require the surrounding walls, floor and ceilings to provide a similar
level of delay to unauthorised movement, and wherever possible deny by-pass of the access
control point.
•
Final exit and emergency egress / escape doors will accommodate a manual means of exit device
in order to secure doors from the exterior, whilst still providing a method for safe egress during an
emergency and evacuation scenario.
•
Revolving doors will be able to accommodate a position switch and shall also be monitored by the
ACS and will also have the ability to be manually locked.
Lifts
The following guidance should be complied with:
•
Where vertical transitions require control, then access control readers should be included within
lift cars.
•
Where vertical transitions are possible by a large number of personnel, it may be more
appropriate to have a horizontal access control point with anti-passback and tailgating prior to the
vertical transition point, and therefore the vertical control may not be required. This is dependent
upon the number of access control groups and the differing privileges assigned to each.
Receptions
The following guidance should be complied with:
• Reception desks with access control interfaces/systems must employ strict control over the ability to alter
access database records, adding or deleting records and the ability to change transaction logs. Log ins must
be unique and strong password protected.
• Where enrolment is completed as part of a reception function, this must also be strictly controlled and
authorised.
• Receptions with either of the above functions must have a strategically positioned duress alarm capability
and/or and alert field in the access control GUI.
Pedestrian Barriers
The following guidance should be complied with:
•
Where pedestrian barriers, such as turnstiles or portals are required to control access, these
should provide a complete barrier to unauthorised entry.
•
Entry points should take account of all potential users, and therefore allow passage for those with
disabilities providing the same experience across all users.
•
A method must exist for responding to and processing access failure attempts.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 86 OF 3 11
Fire Strategy
The following guidance should be complied with:
•
The fire alarm and warning system (FAS) will be hard wired into the ACS for each building and
shall allow for the fire alarm system to directly open all electronically locked doors designated as
“fail safe” and without a mechanical override. Any mechanical locks on escape routes will be fitted
with a simple mechanical release facility in the direction of escape.
•
Locks that have a securing function even during a fire incident will operate via multi-pole
activation.
•
It is the designer’s responsibility along with the fire engineer to ensure that the access control
system is safe and compliant for evacuation purposes.
Visitor Access Control
The following aspects should be carefully considered and articulated in the access control strategy:
•
Visitor access and the gaining of the correct access rights.
•
Visitor access should avoid the issue of codes, PINs or other tokens that are not specific to a
person.
•
Visitor access should always be time bound.
•
Visitor access should always be auditable.
•
Where secure facilities are visited, the designer should consider secondary criteria to control
access, such as escort recognition in the access control system prior to allowing a visitor
credential to successfully open an access control point.
•
For Restricted facilities, sites and buildings all visitors to critical areas must be escorted.
Mobile Reader Capability
The designer should determine if mobile reading technology is required. If required then units should
provide the necessary functionality, be environmentally protected, robust, and also offer a secured
interface to the access control system.
Environmental Requirements
The following guidance should be compiled with:
•
ACS devices that are indoors or housed in an environmental indoor cabinet shall be cooled by
redundant centralised air-conditioning.
•
Outdoor equipment should be designed to operate without air conditioning or a forced air
ventilation system and shall be able to function continuously within its own specific environment
conditions.
•
Outdoor equipment should be designed to meet the specified performance required under the full
range of the local environmental conditions.
•
Equipment not capable of meeting environment requirements should be installed in a secure
cabinet with active cooling.
•
Ambient temperature range for ACS equipment should be (-10°C to +65°C).
•
Ambient relative humidity range should be (5% to 100%) non-condensing.
DOCUMENT CODE: NEOM- NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 87 OF 3 11
Cause
Access Control
All Doors
Access
Controlled Door
Emergency
Break Glass
Unit
Access Control
Reader XXXXX
(Valid)
Access Control
Reader XXXXX
(Invalid)
Access Control
Request To Exit
Access Control
Door Forced
Access Control
Door Held
X
Relevant Door releases
X
X
X
X
X
X
X
X
DOCUMENT CODE: NEOM- NSE-PRC-001
©NEOM [2022]. All rights reserved.
REVISION CODE: 01.00
X
X
PAG E 1 88 OF 3 11
Security Shutters Disengaged
Security Shutters Engaged
Security Cages Disengaged
Security Cages Engaged
Lifts reengaged normal usage
Lifts disengaged (Floor of Choice - Doors Open
Disengage Secondary locking mechanism
Door PIR Reengaged
Engage Secondary locking mechanism
Door PIR disengaged
Security Control Room Notified
Signal Sent to Fire Alarm Panel
Access Control readers un-masked
Signal Sent to BMS to Operate AHU
Signal Sent to BMS to Shutdown AHU
Security Control Room Notified
Signal Sent to Fire Alarm Panel
An Integration Diagram.
Door PSU de-energised
•
Access Control readers masked
A Cause and Effects Matrix
Access Control disengaged
•
Access Control Engaged
Event Recorded on Security Database
X
Camera View xxx available for selection via Work Station alarm
Alarm Indicates On Security Work Station
ACS Reader Housings
Refer to Environmental Requirements – All Systems, Equipment Housing.
Access Control System Integration
As part of the access control strategy, the designer will need to include the following elements:
An example of a cause and effects matrix is provided below.
Effect
An example of an integration illustration is provided below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 89 OF 3 11
Lockdown Systems
Where specified, lockdown capabilities will protect people and assets from marauding attacks by
providing internal safe havens and isolating intruders in areas where responders can remove the threat.
This is a mandatory requirement for all Protection Group Restricted sites, facilities and buildings.
Two types of lockdown should be considered:
•
Dynamic: This is based upon the installed access control points and ability to ‘lock-out’ these points
from further use until deemed safe to do so. This should be enabled via the access control systems
software.
•
Manual: Where individual actions deny access through a designated point by manually locking or
securing the location. This approach is only to be utilised and defined in the security concept of
operations where it is impractical to enable dynamic lockdown.
All lockdown points should be at locations that also provide good levels of delay to forced entry and
where technical surveillance (e.g. cameras) can be achieved to aid situational awareness and response.
Therefore, it is expected that if a door set provides a specific level of delay, the surrounding walls, floor
and ceiling that would give access into the protected space also offer an equivalent level of delay to
forced entry.
Effect of Lockdown
The effect of initiating a lockdown of an area where the person has authority to do so, should be to:
•
Divide the building or site into a number of segregated or compartmentalised zones.
•
Each zone should provide a level of delay to unauthorised or forced entry. The level of protection
needs to be appropriate for the Protection Group and objects being protected by the lockdown.
Activation
Activation of lockdown procedures and actions for a facility, building or a site should be able to be
completed as follows:
•
In less than 3 seconds.
•
Not require the manual locking of any doors or partitions for designated key protective areas.
•
Automatically alert the Security Control Room (SCR) on activation.
•
Be initiated through, or be integrated through, the access control system.
Deactivation
Deactivation of lockdown shall be a controlled process. Deactivation methods will vary by Protection
Group and include:
•
Timed deactivation.
•
Authorised biometric at centrally controlled points by only authorised personnel.
•
Local Security Control Room, but only where it is a secured SCR that would not be subject to duress
or influence.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 90 OF 3 11
Communication
Any facility, site or building that operates a lockdown capability should also have the ability to provide
mass notification to relevant persons, to:
•
Inform of the lockdown, and the need to Run and Hide to those personnel already at the facility, site
or building.
•
Inform of the lockdown and to stay away from the facility, site or building until further notice.
Reference Standards
The following standards should be used when developing the ACS design:
Standard
Description
Disability Discrimination Act 1995 +
Amendment 2005
Ensure all equipment does not impede access to any areas of the
development.
BS EN 60839
Alarm and electronic security systems.
BS 8593
Code of Practice for the Deployment and use of Body Worn Video.
NCP 109
NSI code of practice for design, installation and maintenance of
access control systems.
BSIA A specifier’s guide to access control
systems (Form 132), BSIA
Guide to assist specifiers in grading access control systems in line
with other security applications.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 91 OF 3 11
B4: Intruder Detection Systems
This section should be read where an Intruder Detection System (IDS) capability has been identified.
It is mandatory for Protection Group Restricted sites, facilities and buildings.
Requirements for Enhanced and Baseline sites should be identified through the STRA process.
Overview
The inclusion of an IDS at the facility, site or building will be based upon the site-specific threat and risk
assessment and the identified need to protect specific people, assets or processes.
It will therefore be incumbent on each designer to identify their development’s IDS requirements and
how these are met.
Design Considerations
The following design considerations should be considered when selecting sensors/detectors:
•
Environmental conditions to which the sensor will need to operate in. i.e. would a sandstorm render
the system incapable of detection, will high winds make the detector ineffective?
•
Provide efficient coverage of the distance, area or location to be covered.
•
What is the probability of a positive detection?
•
What is the probability of negative detection or nuisance detection?
•
Are sensors/detectors configured so that they cannot be defeated?
•
Is the system working on a single or multiple ‘knock’ basis?
•
How will an alert be verified?
•
Does the point of detection provide sufficient time for an effective response to be activated, prevent
intrusion or access to the protected object?
•
Are multiple detection technologies required?
Sensor selection is the responsibility of the designer given the specific details of the design location and
the number of technologies required.
IDS Control Panels
All intrusion detection panels shall be installed in secure locations with controlled access.
Panels should be monitored for tampering and fitted with anti-tamper technology.
For efficient arming and disarming of the IDS, a remote arming station (reader/keypad) shall be located
in a secure area near to the main entry/exit door of each building with the relevant sensor shunted for a
variable time to allow for an activation/deactivation code to be entered.
The IDS reader/keypad shall include a duress code facility.
Each control panel shall have an inbuilt memory buffer that stores IDS alarm events and each panel
must be earthed appropriately to avoid any false alarms due to power surges. Individual Intruder alarm
control panels must have a minimum of eight (8) hours of battery back-up to maintain full operation
during a prolonged power outage.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 92 OF 3 11
Where an alarm system is a critical element of protecting the building assets, then an uninterruptible
power supply (UPS), allowing the system to continue functioning for the time directed by local law
enforcement.
IDS Tamper Alarms
All IDS sensors, control panels, and cable containment shall have integrated tamper alarms, and all IDS
components must be installed so that they cannot be tampered with by the public both by design and by
accident. IDS cabling must also have a tamper circuit to detect if it is cut or short-circuited. The tamper
circuit must be active at all times.
IDS False Alarms Rate
The designer must consider the stability of the IDS and document the acceptable threshold for an
acceptable False Alarm Rate (FAR) that is suitable for its use at the specific facility, site or building.
However, false alarms should be a rare occurrence to avoid unnecessary disruption.
At Restricted sites this rate must be below 1 event in every 30 days.
Detection Approach
The following detection approaches should be adopted.
Protection Group
Requirement
Restricted Perimeter IDS
Dual technology based detection with verification cameras.
Maximum 50.0m alarm zones.
Restricted Critical Area IDS
Dual technology based detection with verification cameras.
Maximum 50.0m alarm zones.
Restricted Supporting Area IDS
Single technology based detection with verification cameras.
Maximum 75.0m alarm zones.
Enhanced Perimeter IDS
Single technology based detection with verification cameras or
strong situational awareness with proactive monitoring.
Maximum 50.0m alarm zones.
Enhanced Critical Area IDS
Single technology based detection with verification cameras.
Maximum 50.0m alarm zones.
Baseline Critical Area IDS
Single technology based detection with verification cameras.
Maximum 75.0m alarm zones.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 93 OF 3 11
Reference Standards
The following standards should be used when developing the IDS design:
Standard
Description
PD 6662
Scheme for the application of European Standards for intrusion
and hold-up alarm systems.
NACP 11
Supplementary Code of Practice for the Planning, Installation and
Maintenance of Intruder Alarms.
BS EN 50130-5
Alarm systems. Environmental test methods.
BS EN 50518
Monitoring and Alarm Receiving Centre.
BS 8243 + A1
Installation and configuration of intruder and hold-up alarm
systems designed to generate confirmed alarm conditions. Code
of practice.
BS EN 50130-4 + A1
Alarm systems. Electromagnetic compatibility. Product family
standard: Immunity requirements for components of fire, intruder,
hold up, CCTV, access control and social alarm systems.
BS EN 62676
Video surveillance systems for use in security applications.
BS EN 60839
Alarm and electronic security systems.
BS EN 50136
Alarm systems. Alarm transmission systems and equipment.
BS EN 50131
Alarm systems. Intrusion and hold-up systems. Applicationspecific requirements for Supervised Premises Transceiver (SPT).
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 94 OF 3 11
B5: Duress Alarms
Overview
The primary objective of the duress and panic alarms in this standard are targeted to the protection of
people, assets and sites.
While different types of devices shall feature unique buttons or layouts, the main idea is to have an
emergency button to press, a verbal duress phrase to transmit, or a duress action to demonstrate so
that security staff can observe and respond to people in emergencies.
Anyone responding to such alarms must be trained in security response policies and procedures.
It is mandatory that all Restricted industrial security sites will provide an alarm direct to the Police for an
immediate, and potentially armed response. The sites that have this response will be indicated to the
designers by NEOM Public Safety Department when the Protection Group is confirmed.
It is mandatory that all Enhanced industrial security sites will provide an alarm direct to the site Security
Control Room for an on-site response, unless escalated by the SCR to the Police or other emergency
response service.
It is mandatory that all Baseline industrial security sites will provide an alarm direct to the on-site
designated responders.
Duress Alarm
A duress alarm shall be an activation device placed covertly, but accessibly, which is intended for
security situations where silent notification is appropriate. Typical locations shall include critical
equipment areas, main reception areas within medical, educational, and government authorities’
buildings, as well as higher security financial and administration facilities.
Panic Alarm
A panic alarm shall be an activation device placed overtly and accessibly, intended for security
situations where silent notification is not required. For example, within The Spine rail stations these may
be provided via Help Points.
Considerations
Both duress and panic alarms are electronic devices that shall alert a monitoring station. Each alarm
shall initiate an appropriate response and shall take into consideration the following elements.
•
Layout and scope of the panic alarm and duress security system coverage.
•
Type of activation device (button, switch, keyboard, wireless push button, Kick bar and mobile GPS
unit).
•
Placement of activation device (under a desk, a computer icon, carried on a person, or fixed in the
public realm).
•
Integration with security and building management systems, for example, dynamic lockdown and
VSS.
•
Location and type of annunciation (local/remote and audio/visual).
•
Identification and availability of responders.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 95 OF 3 11
In general duress button activation either via the hardwired duress button or via the wireless
transmitters, a duress signal will be sent to the operators within the Security Control Room (SCR). The
duress signal should take precedence over all activities in the SCR. The security operatives will then
decide upon the action to take based on NEOM security response policies and procedures.
The following table provides some examples:
Protection
Group
Restricted
Example
Device
Name
(Identifier)
Example
Purpose of
Sensor
(Cause)
Fixed Panic
Button
Under Desk
Wireless
Panic /
Duress
Device
carried by
staff inside a
building
possibly a
lone worker
Example
Type of
Alert
Example
Alert
Description
A
deliberately
operated
push button,
for personal
use in an
attack or
duress
situation, to
alert the
security
control room
of an attack
situation
Hold Up
Attack –
Priority 1
Personal
Attack /
Hold Up
A wireless
Radio
Frequency
Identification
device
(RFID)
carried by a
person as
they move
around a
building
Suspicious
activity
observed,
i.e.
tailgating
Priority 2
Example
Response
Example procedures for
responding to panic and
duress alarm
annunciation
summarised below:
SCR guards verify alarm
and record events using
VSS
Summon police
response
Contact on-call manager
Personal
response
required.
Continue to report
ongoing activity to the
police
Use VSS to follow
activity
Deploy external guard to
meet attending police
Record as panic or
duress incident
Acknowledge and once
actioned reset the
system
Mobile Panic
/ Duress
Device
carried by
staff outside
of a building,
i.e.
Maintenance
Staff
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 96 OF 3 11
Performance Requirements
Duress alarms shall provide the following minimum requirements:
Fixed / Wired
•
•
•
•
•
Fixed duress buttons shall be deliberately operated devices requiring two separate actions before
activation.
Mechanical latching action released / reset by a key.
Metal-clad construction.
Normally closed contacts that shall open on activation.
For medical facilities and similar alert applications, a mushroom type push button is required.
Fixed / Mobile Wireless
•
•
•
•
•
Wireless devices shall provide intelligent location-based technology allowing for immediate
reporting of employees or assets on a web-based management reporting system optimised for
mobile and tablet devices.
Mobile duress devices shall use Bluetooth transmitters that repeatedly broadcast their presence
to other nearby Bluetooth detectors. Each beacon shall have its own Unique Identifier (UUID) and
when in range of a Bluetooth ‘detector’ it can recognise the specific UUID and report its
whereabouts in real-time onto either an online console or a mobile application.
Each duress device shall be capable of integration with Wi-Fi and other sensor technologies or to
be a completely standalone system resulting in a self-monitoring solution that can provide SMS
alerts to registered numbers that can also provide real-time location information to third parties for
use with security management applications and services.
Fixed and mobile devices are to be made of robust, durable, hardwearing and waterproof
materials adaptable to their environment.
Panic buttons and duress alarm devices shall have a wide variety of mounting and enclosure
options, including devices that can be worn as wristbands and lanyards and devices that can be
attached to or easily associated with any existing employee identity or access control card.
Card reader duress options
Other duress options that the designer shall consider for each ACS reader shall include but are not
limited to the following:
•
Initiate Dynamic Lockdown if under duress.
•
Deny if under duress.
•
Inform SCR of duress incident at specific reader within a defined security zone.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 97 OF 3 11
Advisory requirements
The design should also take into consideration the development of policies and related procedures
which clearly define the following:
•
Appropriate use of the system including how and when to activate the alarm as well as clearing the
alarm and resetting the alarm.
•
Response protocols (internal and external).
•
Preventive maintenance, inspection and testing of applicable devices.
•
Establishing interim procedures during system downtime.
Documenting system activations including:
•
Reporting of malfunctions or other maintenance issues immediately and addressing functional
issues promptly.
•
Reviewing the system on a regular basis as part of the security vulnerability assessment. The
system should be modified as needed based on evolving requirements or the mitigation of identified
risks.
Reference Standards
The following standards should be used when developing the Duress and Panic Alarm System design:
Standard
Description
BS EN 50131
Alarm Systems. Intrusion and hold-up sytems.
BS EN 50518
Monitoring and Alarm Receiving Centres.
PD 6662
Scheme for the application of European Standards for intruder and
Hold-Up Alarm systems.
PD 6669
Guidance for the Provision of Alarm Transmission Systems (ATS).
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 98 OF 3 11
B6: Security Lighting
Overview
The primary desired security effect is in support of surveillance assets, be they technical or operational.
The illumination type must be suitable for the surveillance type being employed. i.e. Infra-Red (IR)
illumination may well be a good choice for camera systems, but if operational staff need to operate in the
same area this is unlikely to provide the levels of illumination for them to move safely and identify
intruders, damage etc.
Dark Skies Policy
NEOM is committed to the creation of Dark Skies Policies. Policies seek to reduce the amount of light
pollution emitted directly upward or reflected from the ground to the sky.
The requirement to reduce light pollution and save energy will present challenges to lighting designers
for security as they will need to consider the following:
•
Minimising visible light.
•
Moving towards motion detection activated illumination which may not be suitable for a number of
security applications.
•
The use of Passive Infra-Red activation measures where possible.
•
Directional design for visible light.
•
The use of surveillance technology that is not visible light dependent.
•
Use of the lowest level of lighting appropriate for the purpose and location of the lighting source.
Performance Requirements
General Functional Requirements
•
Preference should be given to the use of ambient light wherever possible, unless required to meet
specific security or safety requirements.
•
Each perimeter light shall be connected to a different ring main than the light adjacent to it.
•
Perimeter lights shall be powered by an emergency power generator in the event of power failure.
•
Each lighting fixture of perimeter lighting shall be protected by circuit breaker in a secure
compartment with a suitable lock.
•
The lighting controls shall be designed so the lights are energized prior to darkness, or during the
day, at a time suitable for the run-up period of the lamps used.
•
All switchgear controls and switches for security lighting shall be located in a locked and secure
facility.
•
All VSS cameras to incorporate infrared illumination so continuous visual band illumination will be
provided. This does not apply to thermal band cameras.
•
Energy efficient lighting should be used wherever possible.
•
The use of sodium lighting or ‘yellow light’ should be avoided as it does not provide an effective
colour rendition, either for the human eye or surveillance technology, as white light halogen or LED
lighting.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 1 99 OF 3 11
•
Provide uniform illumination to avoid the development of shadows or severe illumination contrasts.
•
Where lighting is used in the public realm, lighting should be used to support the hierarchy of
pathways. It should encourage the use of primary routes through well-lit pathways and discourage
routes without lighting or low levels of lighting (as per the below image). This is based on the
principle that the public will perceive a well-lit area to be safe and secure. As such the lighting
design should support those routes which do not increase the opportunity for criminality.
•
Lighting should be designed in such a manner as to minimise unwanted glare.
•
Lighting/illumination infrastructure should not cause other security concerns such as climbing aids
etc. In general, anything that could be classed as a climbing aid should be a minimum of 3.0m away
from anything be protected.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 00 OF 3 11
Perimeter Illumination
Perimeter illumination using visual band light should be considered as the exception and used only in
areas where its use is essential for supporting safe movement. Where visual band light is required the
following should be considered:
•
Fixed perimeters: Visible (i.e. non-IR) illumination of the perimeter should only be used where is
supports safe and effective working of the Guard Force. If there is no guard force, then the need for
constant illumination should be considered.
•
The illumination zone is a strip of 3.0m outward and 3.0m inward of the perimeter barrier or 3.0m
outwards of the building façade.
•
The lighting in all areas shall be designed so that it does not interfere with cameras and does not
intrude into the camera field of view to the extent that camera performance is affected.
•
At existing facilities, lighting output shall be measured and recorded. Measurements shall be taken 2
hours after local sunset. Shared fence lighting has special requirements for this measurement.
•
Lighting design for parking facilities shall be in accordance with IESNA RP-20.
•
If visual band light is required, then the following minimum should be achieved where only camera
usage is required:
o
Horizontal: 5 Lux minimum @ 100mm above ground level. Uniformity to be a minimum of 2:1
average to minimum.
o
Vertical: 2 Lux minimum @ 300mm above ground level and normal to the fence line.
o
The illumination should be present during all hours of darkness and should not be event
activated. Rather it should be activated through the use of a central switch(s).
o
If cameras are being used, then colour rendition of the light should be above 60.
o
Illumination should be provided to cover any vulnerable points.
Computer plotted prints shall be supplied with all security lighting proposals showing grid patterns and
calculations covering perimeter, area lighting at perimeter fences and shared fence lighting. Grid size on
the plotted points shall be based upon a grid of 10.0m square while a grid of 3.0mx3.0m shall be used
for perimeter lighting.
Average levels of lighting for security purposes where security personal movement occurs should be a
minimum of:
Location
Lux
Vehicle parks
10
Walkways
20
Stores and loading bays
100
Perimeter lighting shall illuminate the fence line and its surrounding area with the minimum light levels
specified in the below. Lighting along the fence line shall be uniform with all light illumination overlapping
adjacent light illumination.
Location
Lux
Fence +/- 1.0m
23
Fence +3.0m internally
20
Fence +10.0m externally
12
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 01 OF 3 11
This measurement shall be taken during fully dark time (2 hours after sunset) with existing facility lights
turned off. Higher lighting level should be added if required for surveillance systems.
Public Spaces
Average levels of illuminance that should be considered for security purposes are:
Location
Lux
Pedestrian areas
20
Vehicle parks
10
Sports stadia and similar venues – minimum level for stands and exit areas.
30
Reference Standards
The following standards should be used when developing the Security Lighting design:
Standard
Description
Lighting Against Crime
ACPO Secured by Design 2011.
BS 5489-1
Code for the design of road lighting and public amenity areas.
BS 12665
Light and Lighting. Basic terms and criteria for specifying lighting
requirements.
BS EN13201-2
Road lighting performance requirements.
BS EN 62717
LED modules for general lighting.
BS EN 12464
Lighting of workplaces.
BS EN 5266-1
Emergency Lighting Code of Practice for the emergency lighting of
premises.
Lighting Guide for the Built Environment.
Lighting Guide 6
The exterior environment. The Society of Lighting Professionals
part of the Chartered Institute of Building Services Engineers.
January 2016.
Guide to Limiting Obtrusive Light
The Society of Lighting Professionals part of the Chartered
Institute of Building Services Engineers. November 2012.
Guidance Note 01/20
Guidance Note for the reduction of obtrusive light. The Institution
of Lighting Professionals.
LG06/16
Chartered Institute of Building Services Engineers Lighting
Handbook (LG06 and LG15).
LG12
Lighting Guide 12 – Emergency Lighting.
Saudi Building Code SBC 401
Saudi Electrical Code.
SASO 2870/2015 Regulation
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 02 OF 3 11
B7: Cyber Security
‘An object-orientated model, where individuals, objects and assets interact within the security system,
and physical and cyber converge.’ NEOM Technical Strategies Report - Security
NEOM’s embrace of a fully converged system architecture, with all elements being treated as objects in
a virtual eco-system will attract both malicious and curious cyber activity. It is therefore essential that all
systems are cyber-secure and conform to minimum standards to avoid vulnerabilities within the ecosystem architecture.
The sequence and frequency of Identification, Authentication, Re-authentication and Authorization
(IARA) is a key element of the cyber-physical convergence. Therefore, systems should be designed with
this criterion in mind.
This section introduces the underpinning generic requirements, and the NEOM Cyber Security Lead
should be consulted for more detailed considerations, along with complying with the security system
cyber security requirements defined by the NEOM IT and Cyber Security Teams.
For specific systems, the designer may be requested to complete a specific cyber-security risk
assessment to understand fully the threat vectors applicable and therefore the additional cyber-security
measures that will need to be included in the system design. Consideration must be given to hardware
middleware and software for control systems and security systems.
Cyber Security measures shall be the final part of a Plan-Design-Check-Act (PDCA) approach to threat
management of a converged physical, technical and logical network and physical security network
designers and operators shall utilise the PDCA cycle to evidence how cyber-security has been
evaluated in their design process. This should include a simple topology schematic showing system and
object connectivity that will be enabled.
The overarching tenet being that all systems should be designed with cyber-engineering
inherently considered, so that each system/object is considered ‘hardened’ against cyber, virtual
and logical threats.
As a baseline, all systems should be compliant with the:
•
NEOM Information Security Policy: CS_GRC_Pol_102.
•
KSA National Cyber Centre requirements.
•
ISO27001.
All systems should be able to evidence an appropriate cyber-secure engineered standard, such as the
UK Cyber Essentials Plus scheme or equivalent.
Control and safety systems are more likely to operate under regimes determined by the IEC 615082 and
ISA/IEC 624433 standards.
Physical Design Considerations
Physical security and resilience of networks and infrastructure are key to maintaining availability of the
systems.
Security Assets shall have dedicated duct(s) and Fiber Optic Cable(s).
The LAN deployed for security shall be dedicated to security systems and designated as security
network (SECNET).
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 03 OF 3 11
SECNET shall be implemented with redundant, physically discrete networks.
SECNET cabling shall be physically installed in separate discrete physical ducts or sub-ducts,from other
facility's cabling.
All security devices, except field devices, with LAN connectivity requirements shall have two, physically
discrete, network connections and shall automatically connect to the active LAN.
SECNET shall have a dedicated router/switch to connect to a backbone or public network.
It is key that measures are taken at each facility and site to ensure that a local vulnerability does not
exist, and that a cascading vulnerability does not develop through the City eco-system. i.e. the
downstream and upstream effects of their network, infrastructure and information.
The information held by each system should be prepared at each design stage to evidence that this has
been considered and that adequate information security is planned.
The following physical measures shall be implemented to mitigate or reduce the potential likelihood and
impact of cyber security threats. These measures shall be applied by the designers for the following.
Protection Group
Restricted
Enhanced
Baseline
Core Network Physical
Security
Resilience of Infrastructure
Core network hardware to be within
electronically access controlled
equipment room.
Fault-tolerant architecture with
redundant capacity systems and
multiple distribution paths
Secure Configuration
The following functional components of secure configuration shall be implemented during design and
operation of any system:
•
Physical Security – this includes access to physical ports, removable media, debug interfaces,
tamper-protection boundary and resistance to attacks such as loss of power. The product may
consist of some elements that are deployed in a non-secure area and other elements that are
deployed in a secure area or secure enclave – these may have different requirements.
•
Secure Configuration – the product must follow NEOM’s Cyber Policy with controls over who can
change configurations.
•
Network Security – the product will consist of elements that need to communicate with each other or
to other systems. There must be controls on all pathways and objects suitable to the accessibility
and potential vulnerability associated with each.
•
Authentication management (Access Privileges) – use of Multi Factor Authentication (MFA) where
necessary as dictated by the protection group and the system criticality or information holding, with
unique credentials for each individual user, with privileges based on Need for Access and not on
seniority.
•
Monitoring – systems should be engineered to monitor for potential breaches and rules-based
violations.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 04 OF 3 11
Cyber Audit Requirements
Unless superseded by the aforementioned policies and standards, the following activities are required to
be completed at least annually by the facility operator and its staff:
•
Review of cybersecurity management policy and procedures.
•
Review and updating of the site/facility cybersecurity risk assessment.
•
Review the cybersecurity incident response plan.
•
Undertake an incident response exercise.
•
All staff to undertake cybersecurity awareness and training.
Reference Standards
The following standards should be used when developing the Cyber Security design:
Standard
Description
CS_GRC-Pol_101
NEOM Information Security Policy Summary
CS_GRC-Pol_102
NEOM Information Security Policy
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 05 OF 3 11
B8: Perimeter Security Barriers – Fences and Gate Houses
The following section sets out design requirements for the use of pedestrian barriers at Industrial site
and facility perimeters within NEOM. It is recognised that Industrial sites and facilities may require a
stronger and more visual security infrastructure overlay than other Non-Industrial locations in NEOM.
Wherever possible solutions should be technology led, leading to security staff efficiencies and
stronger more immediate situational awareness.
The requirements based on each Protection Group are as follows.
The Minimum Delay is the overall time measured from the first credible point of detection to either a
critical or protected area of the site or facility based on an individual on foot. It should be noted these
are the minimum, and if it would take longer for an intervention force/Police response, the delay time
should be increased to match or exceed this time.
If a vehicle based threat is identified on the STRA as significant then Section B10 should be referred
to for the application of VSBs.
Protection Group
Perimeter
Baseline
•
External Clear Zone: Min. 3.0m.
•
Fence/Barrier: Min. 3.0m.
•
Detection: On fence/barrier or internal (if required).
•
VSS: Perimeter coverage / Min. images: 25ppm.
•
24hr capability required.
•
Internal Clear Zone: Min. 2.0m.
•
External Clear Zone: Min. 3.0m.
•
Fence/Barrier: Min. 3.0m.
•
Detection: Internal or on fence/barrier.
•
VSS: Continuous coverage / Min. images: 62ppm, with
PTZ for tracking.
•
24hr capability required.
•
Internal Clear Zone: Min. 3.0m, including detection zone
if not fence/barrier mounted.
•
External Clear Zone: 3.0m.
•
Outer Fence: Min. 3.0m.
•
Detection Zone: 5.0m
•
VSS: Continuous coverage / Min. images: 62ppm,
•
with PTZ tracking to 125ppm.
•
24hr capability required.
•
Inner Fence: Min. 3.0m.
•
Internal Clear Zone: 5.0m.
Enhanced
Restricted
DOCUMENT CODE: NEOM-NSE-PRC-001
Minimum Delay
5 mins
10 mins
15 mins
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 06 OF 3 11
Baseline Example Minimum Standard Section
Enhanced Example Minimum Standard Section
Restricted Example Minimum Standard Section
The following points should be complied with:
•
All clear zones should be free wherever possible of obstructions and climbing aids. Where this is
not achievable then consent from NEOM Public Safety Department should be obtained. The
designer will need to prove that situational awareness and detection are not degraded.
•
Technology should be used to provide virtual perimeter patrols, therefore negating the need for
formal perimeter patrol roads. However, quick access to all points of the perimeter is expected by
on foot and by a 4x4 vehicle. Existing roads and maintenance roads are acceptable at a minimum
width of 4.0m.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 07 OF 3 11
It is highly unlikely that the overall security effect can be achieved using a single layer approach and
therefore defence in depth and multiple layers should be employed. This should also negate single
points of failure in the overarching security strategy.
The Requirements for Entry Points and Gatehouses
The following are the requirements for each of the Protection Groups.
All Groups:
The roadway approaching a gatehouse shall have a chicane or zigzag design to retard the speed of
incoming vehicles. This may be augmented by additional speed retardation devices and designs if so
required by the proponent. A 90-degree turn leading to the gatehouse shall be an acceptable
alternative to a chicane.
•
The approach to the gatehouse after the chicane/speed control devices shall be no longer than
50.0m in order to minimize the distance the vehicle has available to accelerate to the gatehouse.
•
The sides of the roadway in the chicane shall have barriers that shall prevent a vehicle from
driving or cutting across the chicane.
•
Each lane in the gatehouse inspection area shall have medians separating each lane of traffic.
The medians shall be sized to allow installation of lane equipment and permit a safe area for
security personnel to stand on. The height and width of the median shall be sized as needed for
safe operation. The width shall not be less than 800mm.
•
The gatehouse should be in front of the facilities and exactly at the center of the entry, between
the entrance and exit lanes.
•
An audible and visual alarm shall be provided that is activated via pushbutton in the gatehouse
during an emergency. The pushbutton shall be protected against accidental activation but shall
not be locked at any time. The audio alarm shall be audible to all personnel in the gate area and
the visual alarm shall be placed in multiple locations to ensure clear visibility to all personnel in
the gate area. Once alarm is activated, it shall annunciate an alarm at the SCR.
•
Only security devices that require security personnel interaction or review shall be installed in the
gatehouse. The gatehouse may not be used for installation of other support and infrastructure that
are not directly required for security.
•
While the gatehouse may be used to display alarms for specified security related activities at the
gate, it may not be used for SCR functions, unless specifically identified and recommended in the
STRA.
•
A rejection U-turn lane shall be provided for vehicles denied access shall be able to turn around
without entering the facility. The rejection lane turning radius shall be sized for the largest vehicle
expected to enter the facility. The rejection lane/turning point shall be located before the
gatehouse.
•
Each entry and exit lane shall have a clearly visible traffic light type setup that will inform users
from a distance if a lane is operational or closed.
•
All lanes and traffic flow directions shall be clearly marked on the roadway.
•
Roadway containment in the access control and inspection area shall prevent inbound vehicles
from unauthorized access and shall extend from the inspection area to the end of the Response
Zone.
•
The containment shall consist of passive barriers on either side of the roadway that shall deny a
vehicle entry to the facility until the end of the Response Zone.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 08 OF 3 11
Protection Group
Baseline
Enhanced
Requirement
•
Preferred automated entry points where practicable.
•
Vehicle control barriers to be installed across all lanes for traffic control.
•
Emergency gates to be included where required by the emergency services or
site evacuation plan. All to be covered by VSS and ability to be lit to provide
adequate task lighting at a nominal 100 Lux.
•
All gates should be fully closeable to the same standard as the surrounding
perimeter barriers. These should be lockable to provide the same level of
delay as a cutting attack on the perimeter barrier.
•
If a staffed entry point is required, then a gatehouse should be provided sized
to incorporate the activities required at that point. At least one form of
communication should be provided to a supporting SCR or response point.
•
Preferred automated entry points where practicable.
•
Vehicle control barriers to be installed across all lanes for traffic control.
•
Emergency gates to be included where required by the emergency services or
site evacuation plan. All to be covered by VSS and ability to be lit to provide
adequate task lighting at a nominal 100 Lux.
•
All gates should be fully closeable to the same standard as the surrounding
perimeter barriers. These should be lockable to provide the same level of
delay as a cutting attack on the perimeter barrier.
•
Vehicle Control Barriers:
•
•
•
o
Vehicle speed reduction measures should be incorporated on the
approach to any gate that reduces the achievable speed at the gate line
to 48kph for a 7,200kg (N2/N3C under IWA-14).
o
Vehicle control barriers should be provided on each lane at the gate line
to help position vehicles trying to gain entry.
o
VSBs only need to be incorporated at the gate line where a need has
been identified during the STRA process.
Gatehouse Protection:
o
If not reinforced concrete, a vehicle impact barrier should cover the full
width of the attack face of the gatehouse. (IWA-14)
o
Ballistic protection for glazing, doors and walls to conform with a level of
protection at FB/BR6 + SG2.
o
Entry doors to be placed on facades 90o away from the vehicle lanes.
o
Gatehouse structure to protect against a PBIED attack.
Systems:
o
All security and life support systems to be on UPS.
o
Duress alarms to be provided.
o
At least 2 diverse communication methods.
o
Doors to the non-public areas of the gatehouse should be access
controlled using dual factor authentication.
o
The activity area and façade of the gatehouse should be covered by VSS
with min. image resolution 125ppm.
Gatehouse Sizing:
o
Sized to the activities to be undertaken at the location.
o
In-house welfare facilities to be provided.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 09 OF 3 11
Protection Group
Requirement
•
o
Sun shading to be provided to support any external activities. The sun
shades should be installed above 5.5m in height to allow the full range of
vehicles entry to the site.
o
360o visibility should be provided for the gatehouse.
o
Two parking bays should be provided for facility security vehicles.
o
Adequate vehicle parking spaces shall be provided to allow parking of
gate personnel and visitors without obstructing traffic flow.
o
Five visitor parking bays should be provided outside of any VSB lines.
o
If required, a visitor center shall be adjacent to the gatehouse.
o
Rejection lanes are to be provided without vehicles needing to traverse
any VSB lines.
Pedestrian Entry Points:
o
Restricted
To be positioned within 10.0m of the gatehouse and be covered by VSS
to an image quality to 250ppm.
•
Preferred automated entry points where practicable.
•
Vehicle control barriers to be installed across all lanes for traffic control.
•
Emergency gates to be included where required by the emergency services or
site evacuation plan. All to be covered by VSS and ability to be lit to provide
adequate task lighting at a nominal 100 Lux.
•
All gates should be fully closeable to the same standard as the surrounding
perimeter barriers. These should be lockable to provide the same level of
delay as a cutting attack on the perimeter barrier.
•
VSBs:
•
•
o
Vehicle speed reduction measures should be incorporated on the
approach to any gate that reduces the achievable speed at the gate line
to 48kph for a 7,200kg (N2/N3C under IWA-14) where a full VSB
perimeter is to be installed.
o
Vehicle speed reduction for sites that provide VSB at critical points of the
site, but not a full perimeter, should achieve speed management to those
measures not the gate line.
o
VSB barrier controls should be adequately protected with equipment
cabinets in a protected area or in an internal equipment room as part of
the gatehouse.
Gatehouse Protection:
o
If not reinforced concrete, a vehicle impact barrier should cover the full
width of the attack face of the gatehouse. (IWA-14)
o
Ballistic protection for glazing, doors and walls to conform with a level of
protection at FB/BR6 + SG2.
o
Entry doors to be placed on facades 90o away from the vehicle lanes.
o
Gatehouse structure to protect against a PBIED attack.
Systems:
o
All security and life support systems to be on UPS.
o
Duress alarms to be provided.
o
At least 2 diverse communication methods.
o
Doors to the non-public areas of the gatehouse should be access
controlled using dual factor authentication.
o
The activity area and façade of the gatehouse should be covered by VSS
with min. image resolution 125ppm.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 10 OF 3 11
Protection Group
Requirement
o
•
•
Under-Vehicle Imaging System is to be employed on all incoming lanes.
Gatehouse Sizing:
o
Sized to the activities to be undertaken at the location.
o
In-house welfare facilities to be provided.
o
Sun shading to be provided to support any external activities. The sun
shades should be installed above 5.5m in height to allow the full range of
vehicles entry to the site.
o
360o visibility should be provided for the gatehouse.
o
Two parking bays should be provided for facility security vehicles.
o
Adequate vehicle parking spaces shall be provided to allow parking of
gate personnel and visitors without obstructing traffic flow.
o
Five visitor parking bays should be provided outside of any VSB lines.
o
If required, a visitor center shall be adjacent to the gatehouse.
o
Rejection lanes are to be provided without vehicles needing to traverse
any VSB lines.
Pedestrian Entry Points:
o
To be positioned within 10.0m of the gatehouse and be covered by VSS
to an image quality to 250ppm.
Use of the Building Façade as part of the Layered Defence for Highly Visual Areas
It is recognised that certain Industrial facilities may be in highly visual locations, potentially with high
footfall adjacent to them, around NEOM. In these circumstances it is inappropriate to have highly
intrusive or more ‘military’ style perimeter treatments. The same principles will however still apply,
being:
•
A designed perimeter barrier will still be needed to provide territorial demarcation and separation.
•
The barrier should have a clear zone both on the outside and inside of a minimum of 2.0m, free
from other infrastructure or climbing aids.
•
The 2.0m clear zone internal to the barrier is used as a detection zone for technology based
systems. This is internal to avoid excessive nuisance alarms from the high footfall area on the
exterior.
•
A camera based system must be present to allow remote verification of an intrusion.
•
The designer must demonstrate that the layered delay time to any critical or protected areas of
the facility is adequate for a response to stop the intrusion.
•
Delay times can utilise the building façade and internal lines of delay.
Potential examples are shown in the following images.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 11 OF 3 11
Primary functions
The primary functions of pedestrian barriers within NEOM are as follows:
•
To delineate between public and private spaces and provide stand-off range where required to
critical elements of a facility or site.
•
To provide an obstacle against hostile intrusion onto Industrial sites.
•
To provide resistance against burrowing, scaling or penetration of a barrier system.
•
To allow for the authorised access of people and vehicles at designated perimeter locations
controlled either by technology or a staffed gatehouse.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 12 OF 3 11
•
To act as a host for other security detection equipment such as VSS, IDS and security lighting.
•
To provide privacy screening of the location, if required and in conjunction with either solid panels
or coverings.
Standard Fence Panel Example
The following images (see following page) and infographics provide the base standard for a 3.0m high
weld-mesh security fence. This represents the Baseline condition.
The Baseline fence will be:
•
A minimum of 3.0m above finished ground level.
•
Follow ground contours to provide the minimum height at all points.
•
Gates will provide the same level of delay with a maximum gap below each gate leaf of 50mm.
•
Be made from weld-mesh with a mesh size of 75.0mm x 12.5mm.
Further specification can be found in BS1722: Part 14 which provides details on:
•
High security fences.
The following performance standards shall also be met:
•
Fence shall run in straight lines as far as possible. Where changes of direction are required the
angle shall not be less than 90 degrees.
•
Fences shall match the terrain profile. When required due to terrain the fence panel width may be
reduced from the nominal 3.0m width requirement and shorter panel widths may be used with
fence posts increased in length as needed. This may create a stepped profile on top of the fence.
The razor tape shall seamlessly cover this profile.
•
Where the fence crosses features such as streams and drainage ditches and where conforming
of the fence to the ground contour is impractical, the fence shall span the depression.
•
A reasonably smooth profile at the fence line shall be provided.
•
The bottom of the fence shall not be more than 25.0mm (1 in) above the finished ground line. In
sections where 25.0mm (1 in) cannot be met, the space below the bottom of the fence shall be
closed with extra fence panel or barbed wire. If extra length fence posts are required at such
locations, they shall be furnished and installed in lieu of standard length posts as may be
required.
•
All line posts shall be equally spaced at 3.0m intervals or less.
•
Posts shall typically be 3.6m in length or as required by fencing system design.
•
Fence line, corner, end, gate, brace or pull posts shall be spaced as needed to guarantee fence
stability or as required due to changes in vertical or horizontal alignment.
•
Posts to be coated both externally and internally.
Perimeter Penetrations
•
Perimeter penetration by pipelines, conveyer systems, culverts, storm drains, sewers, air intakes
exhaust tunnel, and utility opening shall be either under or over the fence and shall comply with
the methods specified in this section.
•
No structures related to the perimeter penetration shall be constructed in the fencing system’s
internal interface or external interface zones.
•
Dedicated surveillance cameras shall be deployed at the perimeter crossing and shall be
monitored at the security control center.
•
The functioning and layout of the fencing system shall not be impacted by the penetration.
•
Guardrails shall be installed at the transition point where the pipeline enters/exits the ground.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 13 OF 3 11
Under Fence Penetration
•
Under fence penetration shall be limited to pipelines.
•
The Pipeline shall be buried outside the internal and external interface zones of the fencing
system.
•
If concrete culvert is required, opening shall be sealed on both sides with grates sized to prevent
ingress of human and small animals. The grates shall conform to the shape of the culvert.
•
Sensors shall be installed to detect tamper/breach attempts.
Over Fence Penetration
•
Over fence penetrations shall maintain a minimum of 7 m height from the base of anti-personnel
fence throughout the external and internal interface zones of the fencing system.
Concertina wire shall be installed to cover the penetration throughout the external and internal
interface zones of the fencing system.
The design of each security gate shall include 3 consecutive area zones:
•
Approach Zone: This is the area external to the gate in which vehicles and pedestrians move
towards the gate. The approach zone includes the Vehicle Approach Speed Management
(VASM).
•
Access Control Zone: This is the area immediately in the gatehouse vicinity where vehicles and
pedestrians are screened and permitted or denied entry to the facility. The access control zone
includes the auxiliary gate, the gatehouse, the gatehouse inspection area, the gate support
facilities, the access management area, and the additional inspection area.
•
Response Zone: This is the area inside the facility and include containment measures to prevent
and reject unauthorized access. This response zone includes the final denial crash barrier and the
over watch.
•
Response Zone is required for Protection Group Restricted. The response zone is the roadway
between the gatehouse and a certified, deployable VSB which shall prevent unauthorized
vehicles from entering the facility after passing the access control and inspection area.
•
The length of the response zone shall be calculated based on the configuration of the gate and
calculated from the rear end of the gatehouse.
•
The roadway shall be bordered with roadway containment to prevent any vehicle from bypassing
the response zone.
•
VSB shall not be installed next to or in line with the gatehouse, nor shall they be collocated with a
drop arm barrier.
•
Gatehouse personnel shall have a clear view of the roadway between the barrier and the
gatehouse to ensure routine barrier deployment will not cause problems when vehicles are
traversing the roadway.
•
Manned gates with security systems/devices shall require a support building with toilet and prayer
facilities and separate, dedicated rooms for security system support equipment installation. Toilets
shall not be more than 20.0m away.
•
Manned gates without security systems/devices shall require a support building with only toilet
and prayer facilities if the nearest existing toilet facilities are more than 20.0m away.
•
Unmanned gates with security systems/devices shall only require separate, dedicated rooms for
security system support equipment installation if the nearest existing security system support
equipment room is not within ethernet connectivity limits (i.e. Balanced twisted-pair cable limit of
≈90.0 m (295 ft)).
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 14 OF 3 11
•
Security system support equipment (i.e. network equipment) shall be installed in a dedicated
room in gate support building. Security system support equipment shall not be installed in the
gatehouse.
•
All Gate buildings (Gatehouses, other gate support buildings) and security systems field devices
in Gate area (such as Cameras and ACS readers) shall be within ethernet connectivity limits (i.e.
Balanced twisted-pair cable limit of ≈90.0m (295 ft)) from Security system support equipment
rooms.
•
An audible and visual alarm shall be provided for all gate support buildings occupied by security
personnel.
•
All gate support buildings occupied by security staff shall be protected with an anti- vehicle barrier
deployed on all sides facing traffic.
•
All gate support buildings occupied by security staff shall be within unobstructed line of sight to
the gatehouse.
•
The top of the installed post shall be covered with a cap that is secured using either a pop rivet,
screw, or bolt.
Visibility Index: Specifies how security personnel patrolling the perimeter will have their view
obscured by the fence fabric. It is computed by determining how much of the fence material in a
single typical 3-meter panel obscures vision.
•
The Visibility Index (VI) may not exceed 45% unless otherwise specified by Security Risk
Assessment or by NEOM Public Safety - Security. This requires that no more than 45% of the
fence panel area may be covered with fence wiring and strips.
The VI is determined as follow:
•
Determine total area covered by the width of all vertical and horizontal wires/strips in a single
typical 3.0m panel (not including razor tape or fence posts) when viewed perpendicular to the
fence line.
•
Add coating thickness of all wires in the panel.
•
Determine the total surface area of the typical 3.0m panel (including all wires).
•
Subtract the area from 1 and 2 from the area calculated in 3.
•
Determine the % that is obscured.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 15 OF 3 11
Reference Standards
The following standard should be used when developing the security rated pedestrian barrier system
design:
Standard
Description
BS 1722 – Part 1 to Part 18
Fences.
LPS 1175 – Issue 8
LPS1175 focusses on the physical security of ‘intruder resistant
building components’, which includes strong-points, security
enclosures, free-standing barriers, and any products that fall within
those categories, such as doors, shutters or fencing
Crime Prevention Through Environmental
Design
Crime Prevention Through Environmental Design (CPTED) is
defined as a multi-disciplinary approach for reducing crime
through urban and environmental design and the management
and use of built environments.
Secured by Design 2019 UK
SBD is a police initiative that improves the security of buildings
and their immediate surroundings to provide safe places to live,
work, shop and visit.
UFC 4-022-03
Uniform Facility Codes Security Fences and Gates.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest
revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 16 OF 3 11
High Security Fence – Elevation
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 17 OF 3 11
High Security Fence – Minimum Performance Requirements
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 18 OF 3 11
B9: Vehicle Security Barriers
Overview
This section applies to any location with a Protection Group of Restricted or the site-specific Threat and
Risk Assessment identifies a need for the protection of people or assets against a hostile vehicle threat,
whether that be a Vehicle As a Weapon (VAW) attack or a Vehicle-Borne IED.
Whilst many of the NEOM vehicles are set to be automated and driverless, the need for Hostile Vehicle
Mitigation (HVM) may remain in industrial locations where traditional vehicles may still be required for an
extended period. This is likely to be the case for the NEOM Industrial City due to the Port and also any
facilities that can be accessed from highways and roads through the region.
The Design Process
For the successful design of a HVM scheme, a multi-stage process is required in order to develop the
relevant performance requirements, through a well-defined Operational Requirement (OR). The OR
process is robust and will illustrate the relevant factors in selecting the right scheme, rather than a
blanket application of Vehicle Security Barriers (VSBs).
The following requirements apply to Industrial site Protection Groups:
•
•
•
Restricted Sites:
o
Designer to consider whether perimeter deployment or more localized critical asset deployment
is beneficial.
o
Where a full perimeter is selected, VSBs must be installed internal to the outer fence, with a
clear spacings between fence and VSBs of 3.0m.
o
All measures to be either certified to IWA-14 or a recognized national standard referenced in
IWA-14.
o
Spacings are to form a continuous line of protection with maximum spacings of 1,200mm
applied.
o
At entry points single line active measures are to be used unless the STRA indicates a risk of
multiple attacks or forced tailgating.
Enhanced Sites:
o
Designer to consider whether perimeter deployment or more localized critical asset deployment
is beneficial.
o
Where a full perimeter is selected, VSBs must be installed internal to the outer fence, with a
clear spacings between fence and VSBs of 3.0m.
o
All measures to be either certified to IWA-14 or a recognized national standard referenced in
IWA-14.
o
Spacings are to form a continuous line of protection with maximum spacings of 1,200mm
applied.
o
At entry points single line active measures are to be used unless the STRA indicates a risk of
multiple attacks or forced tailgating.
Baseline Sites:
o
Not required unless indicated through the STRA process.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 19 OF 3 11
The following image highlights the design steps and design considerations that should be considered
through the various design stages by the designer for a HVM scheme.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 20 OF 3 11
Threat
There are two vehicular based threat types to be considered. Dependent upon the assessed threat type
and level, the designer should select an applicable mitigation strategy, summarised in the later sections.
•
Vehicle As a Weapon (VAW) – the use of a hostile vehicle to target Crowded Place, as part of a
crude and simplistic attack methodology. Pedestrians are targeted by driving a vehicle at crowds
with the intent of killing and injuring multiple casualties.
•
Vehicle-Borne Improvised Explosive Device (VBIED) – the use of a vehicle to store, carry and
ultimately detonate an explosive load against an identified target.
Further to the potential vehicular terrorist threat types, there are a number of methodologies that should
be considered as defined in the following matrix. All applicable options should be considered as part of
the OR process.
Attack Methodology
Designer Consideration
Parked – a parked VBIED device is left adjacent to a
target and detonated.
•
Enforce stand-off.
•
Detection of suspicious vehicles.
Encroachment – a vehicle encroaches beyond a site
perimeter where protection provides exploitable gap or
a hostile vehicle 'tailgates' behind an authorised
vehicle.
•
VSB protection to disable hostile vehicle
upon impact.
•
HVM scheme designed in line with design
/ installation requirements.
•
Tiger trap system for critical asset.
Penetrative – vehicle speed is built up to allow a
hostile vehicle to breach a site perimeter and target an
asset.
•
VSB protection to disable hostile vehicle
upon impact.
Deception – deception focuses upon gaining
unauthorised access beyond a secure perimeter
through pretence or stolen access credentials.
•
Secure access control system.
•
Authentication and Verification for
access.
Duress – an attack is facilitated by placing somebody
under duress to gain access beyond a secure
perimeter.
•
Duress detection.
•
Multi-layered defence.
•
Tiger trap system.
Insider – a person with legitimate access facilitates an
attack by operating the security protective measures,
providing access for the hostile attacker.
•
Staff vetting.
•
Insider threat mitigation.
•
Multi-layered defence.
Tamper / Sabotage – the attacker disables or
weakens the security protective system prior to an
attack. This may be a physical or cyber-attack on
automatically controlled measures, to undermine their
protective ability.
•
Visual surveillance.
•
Regular maintenance / inspection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 21 OF 3 11
Vehicle Dynamics Assessment
As part of the OR process, a Vehicle Dynamics Assessment (VDA) should be conducted to understand
the impact classification requirements for any required VSBs.
Firstly, the designer should select the relevant risk-based threat vehicle for assessment, from the IWA14 vehicle classification types. It is recommended that the default is a N2 or N3C vehicle type.
Where a very clear threat is present, then larger vehicle types may need to be considered.
It should be noted that the threat vehicles do not cover construction equipment. If this is considered a
threat then a pure VSB solution is unlikely to be successful without operational measures also.
The VDA should account for the total approach speed along an assessed attack path. This should be
calculated based upon the threat vehicles acceleration and cornering speeds along the vehicle swept
path.
The designer should remember that standard ‘rules of the road’ do not apply so any possible means of
approach is credible. The attacker will likely mount footpaths, enter pedestrianized zones and ignore
road signs, with the potential to traverse over large open spaces such as parks.
An example VDA is provided below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 22 OF 3 11
The VDA impact speed provides an impact classification. An example impact classification is as follows.
It should be noted that some classification schemes will not provide a Dispersion of Major Debris
distance.
Applicable VSB measures should be selected based upon the calculated impact classification and their
intended placement and any throughput requirements for vehicles or pedestrians.
Design Approach
The design approach must be based upon the threat being mitigated.
Vehicle as a weapon attacks
The protection scheme should look to achieve the following aims in descending order:
•
Prevent vehicles entering the area to be protected through a denial scheme.
•
Provide a scheme that restricts easy or fast movement of vehicles into the protected space.
•
Provides a visual deterrence to vehicle attacks.
•
Provides early warning of an attack through noise or disturbance to allow people sufficient time to
move away from potential danger.
Vehicle Borne IED
Creation of Stand-off
All occupied buildings shall maintain the minimum clearance distance defined below.
Enforcement of stand-off is the key mitigation approach that should be adopted.
Protection Group
Stand-Off Required
Restricted – Critical Assets
45.0m
Restricted – Other Assets
25.0m
Enhanced – Critical Assets
25.0m
Additional blast mitigation measures (i.e. façade / glazing / structural design enhancement) may be
needed where stand-off is limited.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 23 OF 3 11
Stand-off must be enforced with impact tested and certified VSBs, with their impact rating at least
equivalent to the highest speed attainable in that location based on the VDA.
Attack Speed
When designing the object or surrounding approaches, there may be opportunity to limit potential attack
speeds. This reduces target attractiveness with a reduced potential impact from a VAW perspective and
reduced vehicular penetration if considering a VBIED attack.
As illustrated by a VDA, potential vehicle attack speed can be limited where there are a number of tight
radius turns. Therefore, the following principles can reduce the potential attack speed:
•
The approach roads to an object requiring HVM protection should be designed as to not allow for
direct straight approaches.
•
Direct approaches should not lead directly into an object opening, i.e. lobby area.
•
Chicanes can be inbuilt where it is desirable to further reduce attack speeds. This may be
augmented by additional speed retardation devices and designs if so required by the proponent. A
90-degree turn leading to the gatehouse shall be an acceptable alternative to a chicane.
Vehicle Denial
Vehicle denial is the primary aim for industrial facilities against a VAW attack, or for enforcing stand-off
against a VBIED threat. The design approach taken should successfully disable a hostile vehicle in the
event of impact.
Denial can be achieved through a number of approaches including:
•
Using standard VSB products certified to IWA-14.
•
Constructed defences.
•
Landscaped solutions.
Standard VSBs
A large range of VSB products are available, which are certified to IWA-14: 2013 – Vehicle Security
Barriers to disable a hostile vehicle, as specified by their impact rating.
It is vital that all HVM elements conform to the following principles:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 24 OF 3 11
•
The maximum air gap between the hardened core of adjacent VSBs is 1,200mm.
•
The 1,200mm air gap is measured between structural elements at a height of 600mm above ground.
•
It should be noted that bollards must be to the tested height specific to each manufacturer; this is
generally in the region of 900 – 1,000mm from finished ground level.
VSB Type
Example Measure
Bollards
Static, retractable,
sliding, folding,
removable.
Blockers
Rising.
Gates
Swing, sliding, rising
arm barrier.
Perimeter Barriers
Rope system,
planters, fences /
barriers.
Typical Image
The exact type of required measure should be specified by the OR process. For instance, if authorised
access for vehicles is required then some form of active measure is needed.
When selecting products, the designer should consider as a minimum:
•
Available foundation depths.
•
Static or active requirement.
•
Operational overlay i.e. automated, manual.
•
Expected throughput usage.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 25 OF 3 11
•
Aesthetics.
•
Suitability of the measure type to meet the VDA impact speeds.
•
Allowable penetration past the VSB.
•
Environmental conditions where the measures will be installed.
Constructed Defence
Where VSBs may not be suitable, constructed obstacles such as walls should be used to disable a
hostile vehicle in the event of impact. However, the constructed defence must be able to mitigate the
impact forces of a hostile vehicle. In most cases they will be best achieved through using a rated VSB
base measure and constructing a structure around it. The structure should not be overly rigid as to
prevent engagement with the VSB, or potentially form ‘a ramp’ to by-pass the location.
Where a VSB is not incorporated, the measures will not be impact rated as a tested measure but may
still be proportional to the threat if only deterrent measures are warranted.
A key example of this would be a wall system for e.g. a protected residence. This would be constructed
from substantial materials with a depth that would prevent hostile vehicle incursion. The defence of such
wall system could also be designed as to provide resistance against the effects of blast, or with added
structural resistance, e.g. using a Bi-Steel section to form the base section of the wall.
The principles to be followed are:
•
Be a minimum of 650mm height.
•
Be a minimum of 500mm in depth.
•
Be constructed of sufficiently robust and dense material e.g. reinforced concrete with extensive face
to face reinforcement.
•
Have a continuous foundation that allows the wall to act as one element and thus dissipate forces
better.
•
Be suitable for the ground conditions, such that there is no degradation of the foundation or wall
alignment over time.
Landscaped Features
Landscaped features will be important in the case of NEOM in separating areas of autonomous vehicles,
from people and where non-autonomous vehicles are in operation.
However, landscaped measures do require maintenance to remain effective and this should be taken
into account by the designer when selecting their approach.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 26 OF 3 11
Bunds / Berm
Naturally formed barriers can provide vehicle denial as part of a secure perimeter, when meeting certain
requirements for installation. Bunds provide a sufficient obstacle when a tall enough obstacle, with a
sufficient angle on the attack face is installed.
Bunds can be enhanced when constructed using geo-textile VSB measures, which will also maintain the
shape of the measure over a period of time.
The designer should ensure that the bund:
•
Has an approach angle >50°.
•
A vertical height of at least 1,250mm.
•
A break-over angle of <130°.
Ditches
Ditches deny vehicle movement when a sufficiently wide and deep enough ditch is introduced. Ditches
must be maintained to be effective and therefore may not suitable for all locations or threat vehicles. The
designer should not rely on information of dimensions and attacks speeds in this document and must
complete their own calculations and design.
The designer should consider a 4x4 vehicle’s capabilities in the design of an HVM ditch, as this vehicle
is most equipped to overcome it.
The typical ditch dimensions, based upon the assessed impact speed are as outlined below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 27 OF 3 11
Approach Speed
(Kph)
W = Minimum Ditch
Width
32
3.0
48
4.0
64
5.0
B = Back Face (˚)
D = Depth (M)
>50˚
>1.25
It is incumbent upon the designer to verify the dimensions for their specific use case.
Vehicle Access Control Points
At any location where an authorised vehicle requires access beyond a secure perimeter line, a Vehicle
Access Control Point will be required. This is typically needed at site perimeter entrances such the
airport airside perimeter, or at the Hydrogen Plant site boundary.
The designer must carefully consider the necessary access requirements, with consideration for:
•
How will active measures be operated?
•
What authentication is required to ensure only authorised vehicles and occupants have access?
•
How frequently will vehicle access be required?
•
Are there are any conditions of entry, i.e. vehicle search?
As part of the Concept of Operations, a detailed operational strategy should be provided for VACP
operations. An example of the outline operation is provided below.
The designer should be aware of the supporting infrastructure required at VACPs including:
•
Vehicle rejection capability.
•
Operational staff and welfare facilities.
•
Active barrier safety requirements e.g. safety sensors.
•
Video Surveillance coverage.
•
Other security systems.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 28 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 29 OF 3 11
Reference Standards
The following standard should be used when developing the Vehicle Security Barrier design:
Standard
Description
ISO IWA 14
Vehicle Security Barriers.
BSI PAS 170-1
Vehicle Impact – Low Speed Impact Testing.
CWA 16221
Vehicle security barriers. Performance requirements, test methods
and guidance on application.
ASTM F2656 / F2656M - 18
Test method that provides a structured procedure to establish a
penetration rating for vehicle perimeter barriers subjected to a
vehicle impact.
KSA Ministry of Interior HCIS Security
Directives Sec 06 4.3.3 for crash barriers
Defines level of protection required for facilities across Saudi
Arabia- specifically the standard required for crash barriers.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 30 OF 3 11
B10: Counter-Unmanned Aerial Systems
Overview
This section defines the requirements for Counter- Unmanned Aerial Systems (C-UAS), sometimes
referred to as Counter-Drone Systems. Whilst there have been incidents of hostile UAS in KSA, these
are currently infrequent and have been targeted against Royal, Government or Iconic locations, and
therefore it is prudent to plan a level of detection and protection.
However, due to the extensive range of UAS there will be a Regional level approach as well as any
localised requirements. The designer must consider the following threat options for UAS, and whether
they will apply to the facility, site or building they are designing.
•
A weaponised UAS attack – Key industrial facilities where large scale damage or targeting of critical
equipment is possible.
•
Disruption of normal activity – Where the presence of a drone or an attack would disrupt service
provision to the NEOM population.
•
UAS information collection – Likely for research facilities and flagship technology buildings.
The text, in terms of security effect, refers to a DTIE approach:
•
D – Detection.
•
T – Tracking.
•
I – Identification.
•
E – Effect.
Application
Built Object
Recommended Treatment
Industrial Restricted Protection Group
•
Inclusion of a DTI based system as standard.
•
E based systems only to be included where UAS/Drone
activity cannot be tolerated.
•
E based systems only to be included where UAS/Drone
effects would not cause further damage or injury.
•
Inclusion of a DTI based system if threat indicated by
STRA.
Industrial Enhanced Protection Group
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 31 OF 3 11
Where the vulnerability cannot be designed out, then a DTIE system should be designed.
Threat
The C-UAS function will provide mitigation against threats identified within the Design Basis Threat, and
specifically will reduce the impact against those threats highlighted in Overview Section. As UAS threats,
in general, are a potentially growing concern, further detail has been included below in the Threat
Overview.
Threat Overview
UAS present a number of key threats to the safety and security of NEOM. This is an emerging threat
with an increased use of UAS for criminal and extremist purposes seen globally. This has been
enhanced particularly with the growing capabilities of UAS such as increased flight times, payload
capacity and autonomous flight modes. UAS can support both criminal and extremist motivations or be
linked to intended nuisance attacks.
UAS have a variety of different forms from quad-copters to fixed-wing systems, however they can be
categorised into two primary categories:
•
Hobbyist: Readily available UAS with a low cost, typically with a payload capacity up to 20kg and
flight time up to 40 minutes.
•
Commercial: Bespoke and high cost UAS with upgraded capability including payload capacity, flight
time and technological components.
The varying capabilities of UAS determine the potential impact of a propagated UAS threat.
These can be broken down into kinetic and non-kinetic threats.
Kinetic threat types include:
•
Delivery of explosive payload i.e. mortar, IED, grenade.
•
Direct impact of UAS into person, object or network function in order to cause damage or disruption.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 32 OF 3 11
Non-kinetic threat types include:
•
Dispersal of CBRN agents.
•
First-person view surveillance.
•
Espionage and hostile reconnaissance.
•
Protest; carrying or dispersal of protest materials.
•
Protest; interruption of network capabilities.
•
Information theft i.e. WIFI capture, electronic jamming, signals collection.
The threats posed by UAS are set to increase as the capability of the available systems are developed.
If your design is required to take account of UAS threats, the above threat types must be graded in your
specific Threat and Risk Assessment.
Performance Requirements / Design Requirements
The C-UAS response will mitigate the effect of UAS through an approach of Detection, Tracking and
Identification of a hostile UAS, and application of the relevant security Effect to disable or disrupt the
UAS. This is known as a DTIE system.
Where the designer includes a C-UAS, then a concept of operations, including the response/effect
element of the DTIE system needs to be described. In certain cases, the E function will not be within the
designer’s remit, and in this scenario, the use of the DTI system needs to be clearly articulated.
Design Considerations:
The following design considerations must be taken into account:
•
Always first, is a C-UAS necessary or warranted based on the threat and risk assessment
completed by the designer.
•
Such systems, where warranted, should be discussed with NEOM Public Safety Department prior to
any design work being undertaken.
•
Could the vulnerability to the protected assets be designed out, negating the need for a C-UAS
system?
•
Can cover from view be part of the design approach?
•
Can assets be concealed or disguised to prevent their easy recognition?
•
Will the system negatively affect neighbouring sites or operations?
•
Can a local physical barrier be put in place to protect the asset?
•
If protecting sensitive information, can obscuration films, placement away from window areas etc be
used to deny access to it?
•
Will the use of an Effect system represent an increased risk to life safety or other assets if enacted?
•
Where located in an urban environment, would a C-UAS system offer any benefit due to the short
detection ranges and response times available?
•
Any system should not have a detrimental effect on other communications and signals.
Detection
The C-UAS should have a capability to sense the presence of unexpected objects within the specified
area of interest. Design consideration should be given to what is being protected and how time critical
the protected asset is, and thus define early warning requirements for detection of a UAS.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 33 OF 3 11
The detection capability of the UAS should:
•
Have a high detection rate for both hobbyist and commercial drones across a range of altitudes.
•
Ability to detect and track multiple targets.
•
Have a maximum detection time of 30 seconds after UAS launch within the system detection zone.
•
Provide for a low false alarm rate, reducing interference from clutter or slow-moving objects such as
birds.
•
Provide a minimum detection arc of 200m within internal urban environments from the sensor and
provide a wide sensory range beyond the external perimeter, where appropriate. The arc should be
configurable so that the deployment location can be ‘filtered’ for known infrastructure, obstructions
and UAS flight paths.
•
Provide early detection to allow tracking and identification, as well as escalation of a security
response.
•
Where an extended perimeter is permissible, e.g. airport, hydrogen plant, the detection range should
be a minimum of 2km. The minimum detection range must be confirmed by the designer based
upon flight times to protected assets.
•
Must be capable of distinguishing between other airborne objects in that location.
The detection capability of the C-UAS must be linked to either a facility, site or building dedicated
Security Control Room or NEOM community central monitoring centre. Alerts will highlight to the security
operator a presence of a detected UAS. If the facility, site or building does not have a dedicated Security
Control Room, then the requirement for a C-UAS should be the first consideration.
The detection process also extends beyond detecting UAS presence in the air. The C-UAS should be
integrated with security measures such as perimeter intruder detection and visual surveillance to support
the early detection of a drone operator. The system should also incorporate other electronic detection
methods that will identify an operator’s location as this provides another potential Effect response which
is easier to enact.
Ground detection of unauthorised persons or vehicles could be a precursor to a hostile UAS being
launched. Early detection for critical infrastructure facilities should consider detection technologies that
operate beyond their physical perimeter.
Tracking
Early detection of a UAS will be supported by the C-UAS tracking capability, which will determine the
location of the object and track the UAS flight path, altitude and potential pilot location.
The tracking capability of the UAS will:
•
Track the UAS flight path, also indicating the movement trail from detection.
•
Determine flight altitude.
•
Indicate the UAS speed and therefore be able to integrate with other systems to show a threat
overlay with potential arrival times to different assets.
•
Track data signals to pinpoint location of operating pilot.
•
Provide GPS or other data to other security sensors, such as video, to allow multi-mode verification
and surveillance of the UAS.
UAS are based upon internet-based communications, which provide for an exploitable vulnerability to
track the user of the UAS. Data transmissions between the UAS, external servers and controlling smart
device will be detected and tracked to determine the pilot location. This information could include GPS
location, name information, IP addresses or product serial numbers.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 34 OF 3 11
Where the DTI or DTIE system is a commercial system, it will be the responsibility of the commercial
organisation for monitoring DTI functions, and only where appropriate and approved by NEOM
Authorities will an E function be allowable.
Identification
The C-UAS will then have the capability to identify the UAS; this will classify an unidentifiable object as a
hostile UAS.
The identification capability of the UAS will:
•
Distinguish between authorised UAS and unauthorised UAS, this will also link to a geo-fencing
system, flight exclusion zones, time authorisations as a minimum. The wider control of airspace
should be discussed with NEOM if your risk assessment determined that a C-UAS is warranted.
•
Provide a confirmation of the tracked UAS to a monitoring station as a hostile UAS intrusion.
•
Decide on an appropriate response.
•
An Automatic Identification System (AIS) will support the identification of UAS. All authorised UAS
used for a variety of supporting services i.e. security, service inspection, transport of goods within
NEOM will have an AIS transponder fitted and be registered with the NEOM authorities.
•
The AIS will link to a registered user database that will give the detecting C-UAS system standard
non-personal data. If the UAS poses a threat, then either the C-UAS will be able to take direct action
or reporting of the incident to NEOM if not an authorised Effect system.
•
Identify potential targets of the UAS.
Therefore, any object within the airspace that is not fitted with an AIS transponder and is registered will
be immediately identified allowing for the relevant security effect or response to be prioritised.
Effect
The combination of Detection, Tracking and Identification will allow for the supply of timely information
which allows for a relevant security Effect if authorised.
Any Effect must be safe and not increase the risk of injury to people or property.
This will manifest in the following C-UAS capabilities:
•
Disrupt: intercept and jam UAS signals to prevent incursion and return to the pilot location.
•
Disable: intercept data signals and commandeer UAS to force to land safely.
•
Defeat: use kinetic measures to physically destroy or capture the hostile UAS.
It should be accepted that it is unlikely to be safe and practical to use jamming or kinetic methods in
urban areas. A detailed Security Operational Requirement (SOR) is required to determine the necessary
security response to unauthorised UAS incursions. This will be determined by:
•
The criticality of the targeted object and required immediacy of response.
•
Surrounding assets and people, considering injury or damage if the UAS is brought down.
•
Type and size of the hostile UAS.
It is stressed, that in all cases, consideration of a UAS threat early in design is most appropriate
and where possible using design features and layout to prevent the threat will be more effective
and enduring than fitting a C-UAS.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 35 OF 3 11
Equipment
The designer needs to consider the range of detection measures that are suitable for their facility, site or
building as this will differ:
•
Radar: transmittal of radio waves to detect objects through reflection. Particularly useful for
scanning large area ranges.
•
Electro-Optical: camera that senses objects on the electro-magnetic spectrum in daylight, or
through the use of Infra-Red during night-time.
•
Electronic Surveillance: detecting electromagnetic emissions.
•
Acoustic Sensors: detection of objects through sound waves emitted by object.
The type of detection technology, and combination of sensors will need to be determined based on
layout and identification of assets for protection. The technology decision and supporting vulnerability
assessment should form part of the early design stages, preferably in the Concept Phase.
Supporting Mitigations
The designer should consider supporting the C-UAS with the following additional mitigations:
Exclusion Zones and Geo-Fencing
Discrete facilities, sites and buildings with a defined physical security perimeter, such as a fence (e.g.
Airport, Desalination Plant) may benefit from geo-fencing to act as an exclusion zone. This will detect
the incursion of unauthorised UAS into the airspace of areas which will be attractive targets to both
criminal and extremist exploitation via UAS.
Internal Information Protection
Information Technology resilience will be designed into systems to limit the opportunity for a UAS to
extract sensitive information. Cyber resilience mitigations will successfully reduce the impact that a
cyber-attack via UAS could have.
Left Package / CBRN Detection
Left package detection and CBRN will support the detection of packages such as IEDs delivered via
UAS or dispersal of CBRN agents by UAS. This capability if required, should come from other
surveillance assets and be clearly defined in the Security Concept of Operations.
Blast Resilience
A very limited number of facilities, sites or buildings should have a degree of blast resilience, with
particular consideration for object structure and rooftop strength. Any blast measures should be
designed into the building, only after vulnerability has been removed remembering that the majority of
UAS can only deliver small payloads.
Reference Standards
Currently very few specific standards exist to define C-UAS systems. The designer should follow the
guidance of the constituent elements of the system to provide a safe and effective system. i.e. radar
linked to video as a detection and tracking combination.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 36 OF 3 11
B11: Blast Protection
Introduction
The requirements for blast protection within NEOM will be based upon the specific threat and risk
assessment that is completed for the facility, site or building. There are a number of baseline design
considerations that will provide an overall reduction in the effects of any blast or extreme loading
scenarios.
Before blast protection measures are designed, the following considerations should be made.
•
Is the overall risk severity of a blast related event beyond a tolerable level? i.e. is blast protection
needed?
•
Is it possible to design out the vulnerability for what is being protected?
•
Can the stand-off distance between the protected area and the location of an explosion be
increased to reduce the likely loading on the structure/asset?
•
Is the orientation and location of the protected asset such that it minimises any blast effects?
•
Can the blast wave be disrupted before it reaches the asset?
•
Can building/structural hardening be undertaken?
If there is a requirement for blast protection/mitigation then the following should be considered the
minimum design criteria, but must be informed by the specific threat and risk assessment:
•
Any structure must be designed to not disproportionately or progressively collapse when subjected
to the threat loading criteria.
•
Any elements that will form secondary fragmentation, especially glazing, must be designed that the
failure mode is a Low hazard. (See the Glazing Section).
•
Any blast effects experienced by people must not be made worse through the design.
Assessment of blast loading and its effects must be completed by a suitably qualified and experienced
person in the effects of blast loading.
Certain built objects within NEOM will require defined levels of protection from blast loading and these
are outlined in the following matrix. Further protection, if required, should be evidenced in the specific
threat and risk outcomes.
Built Object
Factor
Recommended Treatment
Industrial Restricted Protection
Group
Effects of blast loading.
•
Specific consideration of critical
assets and key areas for
protection. (All factors)
•
Control Rooms. (All factors)
•
Gate/Entry Posts. (PBIED)
•
Specific consideration of critical
assets and key areas for
protection. (All factors)
•
Control Rooms. (All factors)
•
Gate/Entry Posts. (PBIED)
•
LVBIED.
•
PBIED.
•
Mail IED.
Industrial Enhanced Protection
Group
Effects of blast loading.
•
VBIED.
(unless downgraded through
STRA)
•
PBIED.
•
Mail IED.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 37 OF 3 11
Design Basis Threat
The following table provides the standard DBTs for explosives base threats. Applicability of each DBT
should be taken from the Minimum Security Requirements Section.
Threat
Design Basis Threat
VBIED
•
100kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 20.0m.
•
Stand-off to structure to be informed by enforceable distance for
preventing a vehicle, i.e. HVM measures.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 20.0m
is taken where the stand-off is below 20.0m, and actual stand-off utilised
where the distance is above 20.0m.
•
500kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 20.0m.
•
Stand-off to structure to be informed by enforceable distance for
preventing a vehicle, i.e. HVM measures.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 20.0m
is taken where the stand-off is below 20.0m, and actual stand-off utilised
where the distance is above 20.0m.
•
15kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 6.0m.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 6.0m is
taken.
•
15kg TNT equivalent bare charge detonated at 0.25m above the ground
applied at a satnd-off distance of 6.0m.
•
For attacks against a structure it should be assumed that the charge has a
minimal to zero stand-off distance if no obstruction to placing the IED
exists.
•
For attacks to determine if infrastructure will form secondary hazards, it is
suggested the equivalent loading criteria for a stand-off distance of 6.0m is
taken.
•
1kg TNT equivalent bare charge detonated at 1.0m above the ground
applied at a stand-off distance of 1.0m.
Large VBIED
PBIED
Placed IED
Mail IED
Note: Unless specifically indicated by NEOM Public Safety Department, buildings and structures are not
designed to withstand military explosive based threats.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 38 OF 3 11
Reference Standards
The following standard should be used when developing the blast protection design:
Standard
Description
ISO16933
Glass in building - Explosion resistant security glazing Test and classification
for arena air blast loading.
ASTM F1642 / F1642M-17
Standard Test Method for Glazing and Glazing Systems Subject to Air blast
Loadings, ASTM International, West Conshohocken, PA, 2017.
EN 13123-1
Windows, Doors and Shutters Explosion resistance; Requirements and
Classification Part 1: Shock Tube. CEN European Committee for
Standardization, 2001.
EN 13123‐2
Windows, Doors and Shutters-Explosion Resistance; Requirements and
classification - Part 2: Range Test. CEN European Committee for
Standardization, 2004.
EN 13124-1
Windows, Doors and Shutters – Explosion Resistance; Test Method Part 1:
Shock Tube. CEN European Committee for Standardization, 2001.
EN 13541
Glass in building - Security Glazing -Testing and classification of resistance
against explosion pressure. CEN European Committee for Standardization
2012.
GSA-TS01
Standard test method for glazing and window systems subject to dynamic
overpressure loadings. US General Services Administration, 2003.
References
Blast Effects on Buildings. Cornie, Mays & Smith. 3rd Edition. 2019.
Handbook for Blast-Resistant Design of Buildings. John Wiley & Sons, Inc. 2010.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 39 OF 3 11
B12: Ballistic Protection
Overview
NEOM is being developed to provide multi-layered security from its borders, through the buffer zones
that surround the City and outlying sites, and into the buildings and structures that will form the
communities. It is anticipated that very few sites will require a level of ballistic protection, and by
exception these need to be identified during the facility, site or building specific threat and risk
assessment.
The topic of ballistic protection is closely aligned with the Glazing Section, and this should also be
referred to by the designer to understand the overall enhanced security requirements that may be
required.
Certain built objects within NEOM will require defined levels of protection for ballistic protection and
these are outlined in the following matrix. Further protection, if required, should be evidenced in the
specific threat and risk outcomes.
Built Object
Factor
Recommended Treatment
Industrial Restricted Protection Group
Effects of Ballistic Damage.
•
Industrial Enhanced Protection Group
(unless downgraded through STRA)
•
Walls – (Floors, Ceilings if
applicable.)
Specific consideration of critical
assets and key area protection.
•
Control Rooms.
•
Doors.
•
Gate/Entry Posts.
•
Glazing.
Threat
NEOM requires to future-proof specific locations against the threat of a ballistic attack. Whilst these
attacks could be unlikely, the likelihood may change in the future and such measures are costly and
difficult to retrofit effectively.
Therefore, an identified need for ballistic protection will use the following design base threat for all
locations unless an enhancement is required based on the people or asset being protected.
The security factor and its associated design base threats:
Security Factor
Intent
Design Base Threat (DBT)
Effects of Ballistic
Damage
•
•
Protection Measures
BR/FB6 + SG2.
Performance Requirements
Effects of Ballistic Damage
The first consideration is for the vulnerability wherever possible to be designed out, consider:
•
Orientation and/or placement to avoid the vulnerability.
•
Denying direct line of sight. Most threats will require line of sight to be successful.
•
Where the situation cannot be avoided, designing a number of layers to provide the protection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 40 OF 3 11
•
Glazing is degraded by ballistic attack and therefore as tested will only provide certainty of
protection for a maximum of three rounds of the specified ammunition. Therefore, no protective
ballistic system in isolation represents the whole security solution.
•
If polycarbonate is used in the glazing build-up, it should not be placed where the environmental
conditions will degrade it, or in areas where abrasion is likely.
•
A glazing specialist should be consulted where the glass tint is important, as thicker ballistic
protective glass will cause a green tint unless specified with the correct chemical content.
•
Protection can be developed through the use of multiple denial and protection layers as shown in
the following schematic.
The DBT is based against the system defined in BS EN1063 and BS EN1522 that defines the threat on
a scale prefixed by BR or FB. The threat is the same for each level.
Therefore, wherever ballistic protection is required, the baseline level of protection is BR/FB6 and SG2.
Certain facilities where ballistic glazing is required, such as the Royal Residences, may require an
enhancement above the DBT. This should be discussed with the relevant security stakeholders.
Safe rooms designed against ballistic attack will require careful consideration to ensure that no weak
areas exist in the protective shell of the room. This is 3 dimensional and should include floors and ceiling
areas, as well as wall panels.
Reference Standards
The following standard should be used when developing the ballistic protection design:
Standard
Description
BS EN 1063
Glass in building. Security glazing. Testing and
classification of resistance against bullet attack.
BS EN 1522
Windows, doors, shutters and blinds. Bullet resistance.
Requirements and classification.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 41 OF 3 11
B13: Security Doorsets
Overview
Security door sets will form a key element of the physical security overlay and must be considered as
part of the overall security effect.
It is important to determine the security requirements for the door specifically and the following
considerations should be taken account of:
•
What function does the doorset need to perform? This should consider normal operations alongside
the type of threats it should mitigate.
•
Following the STRA, what types of threat / attack does the door need to work against (i.e. Manual
attack, blast, ballistic etc.)?
The security function for doorsets is as follows:
•
To prevent or delay unauthorised access into a protected space by providing a physical barrier that
provides proportionate mitigation to an assessed threat of unauthorised entry.
•
In some cases, such as police stations, prisons and secure mental health medical facilities it will be
necessary to provide doors and doorsets that prevent unauthorised exit from a facility.
•
To provide a demarcation between public and private space.
•
To prevent undetected entry into a protected area through resistance to surreptitious attacks.
•
To allow safe egress from the protected building or area in an emergency while preventing
unauthorised entry.
•
To provide enough time for those inside a protected building or space, if under attack, to act before
criminal entry is gained.
•
To provide the appropriate level of security against unauthorised entry to restricted areas within
buildings. For example, entrances to cash handling areas in banks or high value goods facilities in
logistics warehouses.
There are many different types of doorsets on the market and it is important that designers choose the
correct door for the location where it is to be installed and for its purpose. Some examples of security
rated doors are shown below:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 42 OF 3 11
Attacker Capability
The following table sets out a classification guide for potential manual attackers, based upon the level of
criminal intent, preparedness, skillset, knowledge and available equipment.
The attacker types are taken from BRE LPS 1175: Issue 8 categorisation of criminal threat levels. This
considers an assessment of an attacker’s intent and capability, to provide a security rating based upon a
capability threat rated from A to H (low to high).
The overall delay time to be achieved can be achieved either through a single or multiple layers of
protection.
The following matrix provides guidance on the minimum standard that should be applied based upon the
Protection Group and criticality. However, these are minimum standards and if an STRA shows
increased threat greater protection levels may be required.
If a designer specifies doors that are certified under a different standard, proof of delay compliance will
need to be provided at the relevant design stage.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 43 OF 3 11
Protection
Group
Attacker
Type
Baseline
A
An opportunistic
criminal exploiting
a security
vulnerability using
low tech, handheld
tools.
SR 1
(A1 = toolset
A, 1-minute
delay).
Baseline –
Critical Areas
Enhanced –
Specified
Supporting
Areas
B
An opportunistic
criminal targeting
specific locations.
SR 1+
(A3 = toolset
A, 3-minute
delay).
Enhanced –
Critical Areas
C
Planned targeting
of more sensitive
sites.
SR 3
C5 = toolset
C, 5-minute
delay).
Restricted –
Specified
Supporting
Areas
E
Determined
criminal targeting
important sites.
SR 5
E10 = toolset
E, 10-minute
delay).
Restricted –
Critical Areas
H
Sophisticated and
determined
attacker, targeting
a mission critical
facility.
SR 7+
H10 = toolset
H, 10-minute
delay).
Description
DOCUMENT CODE: NEOM-NSE-PRC-001
Tool set
SR Rating
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 44 OF 3 11
Examples of how delay can be layered over different elements of the built form to achieve and overall
delay time are provided below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 45 OF 3 11
The selected doorsets would be expected to meet the following performance requirements:
•
Delay an attacker’s attempts to penetrate the doorset in order to enter the protected building or
space within a building.
•
Provide the appropriate level of resistance according to the Protection group of the building or space
to be protected.
•
Resist the creation of a full-body access aperture through the fabric of the leaf. This aperture is
defined within the Centre for Protection of National Infrastructure’s Manual Forced Entry Standard
as being one through which an elliptical test block measuring 400mm by 225mm may be passed.
•
Prevent undetected entry into a protected area by providing resistance to surreptitious attack.
•
Be fitted with door locking hardware and hinges, dog bolts etc. that are commensurate with the
assessed resistance class of the doorset.
•
Be suitably durable and maintainable relative to the doorsets location.
•
Be securely installed within compatible structures. If this is not the case and a security door is
installed into a weaker structure it may:
o
Fail to prevent unauthorised entry. For example, it may be possible for an attacker to remove the
doorset from the surrounding structure or penetrate the surrounding structure in order to operate
door release mechanisms located on the protected side of the doorset.
o
Lead to structural damage. For example, if a doorset incorporating a heavy door leaf is fitted
within a lightweight partition, the surrounding partition may crack due to the door leaf opening
and closing repeatedly causing fatigue fractures in the walling material. Fixings holding the
doorset may also work loose.
Reference Standards
The following standards should be referred to when developing the security doorset design:
Standard
Description
LPS 1175 – Issue 8
LPS1175 focusses on the physical security of ‘intruder resistant building
components’, which includes strong-points, security enclosures, free-standing
barriers, and any products that fall within those categories, such as doors, shutters
or fencing.
PAS 24
Enhanced security performance requirements for doorsets and windows in the UK.
Doorsets and windows intended to offer a level of security suitable for dwellings and
other buildings exposed to comparable risk.
BS EN 1627
Pedestrian doorsets, windows, curtain walling, grilles and shutters. Burglar
resistance. Requirements and classification
BS 3621
Locking system standard for doorsets - Locked by key from both sides.
BS 8621
Locking system standard for doorsets - Locked by key from outside only, can always
be opened from the inside without a key.
BS 10621
Lock assemblies in which the operating mode can be switched between the normal
BS 8621 operating mode and a secure mode in which no egress is possible.
Saudi Building Code 2018
General requirements.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 46 OF 3 11
B14: Security Glazing
Overview
Given the design vision and liveability aspects of NEOM, natural light will form a key part of any scheme,
balanced against passive heat control and the maintenance of privacy for residents, businesses and
visitors. There are a number of concerns related to glazing and security that need to be taken into
account for any facility, site or building. These have been arranged into four Security Factors to aid the
designer in identifying clearly those which apply to their development.
•
Effects of Blast Loading.
•
Effects of Ballistic Damage.
•
Resisting Manual Attack.
•
Privacy.
Certain built objects within NEOM will require defined levels of protection for some or all of the above
factors. This will also account for non-intentional blast and ballistic damage are specified facilities. The
following matrix provides a baseline of minimum requirements. However, it should be noted that the
need and inclusion of mitigations and protection against attack on glazed systems will also be informed
by the specific Security Threat and Risk Assessment and how the site, facility or building will be used,
especially in relation to massing of people.
Protection Group
Factor
Recommended Treatment
All Groups
•
•
Graded to the criticality of the
site.
•
Graded to the local criticality for
where the glazing is placed.
•
Specific consideration of critical
and key areas for protection.
Restricted
Restricted
Resisting Manual Attack.
•
Effects of Blast Loading.
•
Resisting Manual Attack.
•
Privacy.
•
Privacy for key areas/points.
•
Effects of Ballistic Damage.
•
Control Rooms.
•
Gate/Entry Posts.
•
Critical Points.
Enhanced (STRA indicated)
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 47 OF 3 11
Security Factors
The four security factors and associated design base threats: 2
Security Factor
Intent
Design Base Threat (DBT)
Effects of Blast Loading
•
Mitigation Measures
•
•
Protection Measures
Person Borne IED – 15kg (Normal) applied at a
6.0m stand-off range.
•
Vehicle Borne IED – 100kg (Normal) at a 20.0m
stand-off range.
•
Large VBIED – 500kg (Increased) at a 20.0m
stand-off range.
Effects of Ballistic Damage
•
Protection Measures
•
BR/FB6 + SG2
Resisting Manual Attack
•
Protection Measures
•
EN1630 RC based attacker types and equipment.
(See Performance Requirements)
•
Loss Prevention Standard – specified sites.
•
(See Performance Requirements)
Privacy
•
Mitigation Measures
•
Mitigation: Orientation, obscuration etc.
•
Protection Measures
•
Protection: Counter Surveillance Technical
methods to be defined by designer if required.
Success Criteria
The success criteria for glazed systems are as follows:
•
Glazing subjected to blast loading should provide a Low Hazard failure. This is defined as the level
of hazard where glass debris would be projected into a room for a distance of not more than 3.0m
and not exceeding 0.5m above the floor at this distance. Injuries would be limited to low body cuts,
and fatalities would not be expected, although persons close to the window could be seriously
injured.
If the glazing is of a laminated nature to will significantly reduce the fragmentation produced upon
failure, with generally a higher level of energy absorption in the failing system, thus providing less
damaging energy.
2
It should be noted that the protection against military grade munitions is considered a specialist scenario, and if required this will
be informed by NEOM Public Safety Department.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 48 OF 3 11
•
Designers have considered the need for the glazing if security-based enhancements or hardening
are required.
•
Designers have considered whether a more enduring solution can be sought, such as re-orientation
or placement of what is trying to be protected.
•
Glazing is designed to take account of the four security factors as informed by the development
specific threat and risk assessment.
•
The inclusion of glazing does not increase the risk associated with an event. This is both likelihood
and impact based.
•
Any security enhancements or design features associated with glazed systems does not prevent the
glazed system performing its normal required function.
Performance Requirements
Effects of Blast Loading
Whilst not specific to glazing, design against adverse loading, such as blast, should result in a
design that resists disproportionate collapse of a structure.
External or Perimeter Glazing
Where a requirement to consider blast loading on glazing is identified, the designer should design to
achieve a Low Hazard failure against the selected DBTs at the enforceable stand-off that can be
achieved. Wherever possible, an increase in stand-off should be considered prior to any building
hardening. It is stressed that the designer must design for the conditions of their development, whilst not
dropping below the following minimum standards:
•
All glazed panes on the protected side of the glazed area should be laminated.
•
Lamination must be done with a 1.52mm PvB interlayer.
•
Single glazed units should be of a minimum 7.5mm laminated glazing.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 49 OF 3 11
•
Double glazed units should be of a minimum 7.5mm laminated inner pane with either an outer pane
of 7.5mm laminated glazing or a 6mm toughened pane.
The designer shall consider their specific threat and risk assessment to determine if the risk determines
whether a development is designed for mitigation or protection. It should also be remembered that
different solutions may be applied to different areas of a facility, site or building dependent upon that
area’s criticality and the impact of a successful threat attack occurring.
Mitigation is defined as the use of laminated glazing that is installed in normal frames or fixings.
Protection is defined as the use of laminated glazing that is installed in blast resistant frames
incorporating enhanced fixings and rebates of 35mm on all sides of the glazed panel. For protective
purposes the minimum thickness of glazing may well be increased.
Blast analysis should be undertaken where warranted to determine the exact glazing required for the
glazing system type.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 50 OF 3 11
Internal Glazing
Internal glazing presents a hazard where it can still be loaded by a blast wave, be this the failure of an
external element or where the potential for an internal explosion is possible. It is therefore recommended
that internal glazing where there are high population areas conform with the following criteria:
•
All glazing should be securely held in place by the framing or support system.
•
Glazing should be laminated using a minimum 1.52mm PvB interlayer to reduce the potential for
fragmentation on failure.
•
Where glass is supported as a cantilever, the support channel should be securely fixed to the floor,
glass should be epoxy-resin, silicone bonded and/or in deep clamped channels wherever possible.
Dry glazed clamping should provide similar retention capability as bonded units. Bonding should be
a minimum of 25mm deep onto the glazed panel.
•
As above, glazed wall lining systems.
Effects of Ballistic Damage
The first consideration is for vulnerability wherever possible to be designed out, consider:
•
Orientation and/or placement to avoid the vulnerability.
•
Denying direct line of sight. Most threats will require line of sight to be successful.
•
Where the situation cannot be avoided, designing a number of layers to provide the protection.
•
Glazing is degraded by ballistic attack and therefore as tested will only provide certainty of
protection for a maximum of three rounds of the specified ammunition. Therefore, no protective
ballistic system in isolation represents the whole security solution.
•
If polycarbonate is used in the glazing build-up, it should not be placed where the environmental
conditions will degrade it, or in areas where abrasion is likely.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 51 OF 3 11
•
A glazing specialist should be consulted where the glass tint is important, as thicker ballistic
protective glass will cause a green tint unless specified with the correct chemical content.
The DBT is based against the system defined in BS EN1063 and BS EN1522 which defines the threat
on a scale prefixed by BR or FB. The threat is the same for each level. Shotguns are pre-fixed SG.
Therefore, wherever ballistic protection is required, the baseline level of protection is BR/FB6 and SG2.
Certain facilities where ballistic glazing is required, such as the Royal Residences, may require an
enhancement above the DBT. This should be discussed with the relevant security stakeholders.
Resisting Manual Attack
Glazing that is identified as needing to resist manual attack should conform to the following criteria.
Low Risk Facilities, Sites or Buildings
This will encompass general residential property, most hotels, offices etc.
The glazing will conform to the Manual Attack Resistance specification of EN1627 and 1630. Individual
glass should be specified and tested in accordance with EN356.
The following table provides the relevant RC gradings under EN 1627, and where they are normally
applied.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 52 OF 3 11
It should be noted that the delay timings associated with EN1627 are not comparable to those of the
BRE grading system as the BRE system use a wider range of tools. Therefore, RC6 does not give more
protection than a H10 system. Once the level of delay is determined, liaison with specialist suppliers will
need to be undertaken.
The selection of a RC rated system should be informed by the specific threat and risk assessment, but
the following minimum standards should be applied where the glazing would provide access into critical
and important areas.
Minimum for all low threat locations (Baseline):
RC2
Minimum for all moderate threat locations (Enhanced):
RC3
Minimum for higher threat locations (Restricted):
RC4+
High Risk Facilities, Sites or Buildings
High risk facilities should be considered to be the target of a determined and well resourced attacker.
Therefore, they will have access to specialist equipment.
The attacker types are built upon the BRE LPS 1175: Issue 8 categorisation of criminal threat levels
(BRE Global Ltd). This considers an assessment of an attacker’s intent and capability, to provide a
security rating based upon a threat rated from A to H (low to high).
An overview of the BRE LPS 1175 attacker types A to H are provided below:
•
A – Low technology level of attack using small, very easily concealed tools.
•
B – More determined attack using easily concealed tools of a greater mechanical advantage.
•
C – Deliberate forced entry using a wide selection of commonly available, relatively easily concealed
tools.
•
D – Experienced attempts at forced entry.
•
E – Experienced attempts at forced entry using tools of a greater battery power.
•
F – Professional attempts at forced entry into a higher value area.
•
G – Enhanced professional attempts of access to high value assets.
•
H – Extreme methods of access to very high value assets using portable tools.
Consideration of the potential attacker types allows the proportionate and effective selection of physical
security measures that have a Security Rating (SR) level providing a tested level of delay, against the
tool types available to the designated attacker types.
It is anticipated that SRs applied to glazing in isolation will be limited due to the attacker resources
available. Therefore, for Restricted sites, the following attacker types should be considered, but
wherever possible glazing should be designed out in favour of more robust construction materials.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 53 OF 3 11
Attacker
Type
E
H
Description
Tool set
Determined criminal targeting
restricted sites such as the
transport hub, using heavy
high-powered tools.
LPS Rating
SR 5
E10 = toolset E
10-minute delay
Sophisticated and determined
attacker, targeting a mission
critical facility using industrial
powered machinery.
SR 7+
H10 = toolset H
10-minute delay
Where a high security location requires glazing, a primary consideration should be whether physical
protection can also be utilised, such as protective bars, shutters or covers. It should be noted that
achieving a specific protection level can be achieved by layering glazing and other protection, each
contributing to the overall delay timing.
All windows should be lockable to prevent opening from the unprotected side.
Privacy
The designer’s first consideration must be to assess whether the vulnerability can be designed out
through orientation, placement or through the built form. This should also consider exactly what is being
protected, whether it is information, activity or just privacy of individuals.
For areas where it is not possible to design out a vulnerability, the following should be considered:
•
Etching – Obscuration by etched glass use. Directional etching may be used to allow light passage
but block certain views.
•
Filming – Use of reflective or screen printed film applied to internal face of the glazed pane.
Preferred to only be used for retrofit scenarios. Directional printing may be used to allow light
passage but block certain views.
•
Tinted Glass – Use of a tinted glass that reduces visibility to an acceptable level. Care should be
taken that both daylight, night time and internal lighting levels are taken into account.
•
Electronically Controlled Glass – Obscuration through the use of electrical current effected cells.
•
Use of contrasting light levels – The lux ratio to be effective must (External) 7:1 (Internal). This may
well be impractical for areas where external lighting is not appropriate or well lit interior spaces make
achieving a 7:1 impractical.
In general, the stand-off distance for a viewer into a space should be greater than 10m, if possible, to aid
obscuration.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 54 OF 3 11
Reference Standards
The following standards should be referred to when developing the security glazing design:
Standard
Description
BS EN 356
Glass in building. Security glazing. Testing and classification of resistance
against manual attack.
BS 5357
Code of practice for installation and application of security glazing.
BS 5516-1
Patent glazing and sloping glazing for buildings. Code of practice for design and
installation of sloping and vertical patent glazing.
BS 5516-2
Patent glazing and sloping glazing for buildings. Code of practice for sloping
glazing.
BS EN 1522
Windows, doors, shutters and blinds. Bullet resistance. Requirements and
classification.
BS EN 1523
Windows, doors, shutters and blinds. Bullet resistance. Test method.
BS 5051-1
Bullet resistant glazing Specification for glazing for interior use.
BS EN 1063
Glass in building Security glazing. Testing of resistance against bullet attack.
BS EN 13541
Glass in building. Security glazing. Testing and classification of resistance
against explosion pressure.
ISO 16933
Glass in building, Explosion-resistant security glazing, Test and classification for
arena air-blast loading.
EN 1627-1630
European standard for performance determinations in connection with burglary
attempts via windows and doors.
EN 1630
Manual test (burglary attempt) with standard tool kit.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 55 OF 3 11
B15: Manual Lock Security
This section sets out the functional requirements for manual locking systems including key operated
padlocks and biometrically operated padlocks.
Notwithstanding the aspiration for NEOM to have keyless entry systems it is likely that manual door
locking systems and padlocks may be required in some locations. However, these should be minimised
through design.
It is expected that manual locks will be of low frequency throughout NEOM and should only be used by
exception on Enhanced and Restricted Protection Group facilities and buildings.
A statement of overall lock security should be formulated by considering the following questions:
•
What are the perceived criminal and terrorist threats that the asset may be subjected to and the lock
must endure?
•
Does the lock location require immediate notification of an unauthorised attempt to enter?
•
Is an audit trail of users and access attempts required?
Performance Requirements
General Functional Requirements – Manually Operated Door Locks
•
The selection of manually operated door locks should be guided by reference to a security needs
evaluation an OR that determines the level of security performance required for the protection group
and doorset requirements.
•
Manually operated door locks such as mechanical lock, thumb turn and latched bolts should be a
deadlock action type of lock.
•
The deadbolt shall be not less than 25mm throw with a saw-resistant hardened steel insert.
•
Lock cylinders should comply with Grade 4 (Key related security), or higher, of BS EN 1303:2005.
•
Lock cylinders should have up to 30,000 possible different key combinations, a minimum of five
movable levers, pins or discs and resist at least 15Nm of ‘plug’ torque.
•
Lock fixing screws should be hidden when the door is closed.
•
The lock bolt should be made of Type 304 stainless steel (or equivalent) material that is corrosion
resistant and has a hardness of at least Rockwell B85, Rockwell hardness is to be specified by the
methods specified in ASTM E18.
•
The lock should be morticed into the fabric of the door.
•
Protection for extending locking bolts should be built into the door frame.
•
All external manually operated locks should be designed to operate in the following environmental
conditions:
o
-10⁰C to +65⁰C in direct sunlight.
o
Ambient relativity humidity range: 5% to 95% non-condensing.
o
Airborne dust concentration: Annual average 0.3mg/m – Sandstorm 3mg/m.
o
Wind speed: 112km/hour.
o
Other pollutants: CO – 50ppm; H2S – 10ppm; Hydrocarbons – 150ppm; NOx – 5ppm; O3 –
1ppm and SO2 – 10ppm.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 56 OF 3 11
•
Outdoor security locks should be capable of continuous operation under the environmental
conditions listed above and shall meet the listed performance when subjected to the full range of the
described conditions.
General Functional Requirements – Padlocks and Biometric Padlocks
•
The selection of padlocks, whether manually operated or biometric, should be guided by reference
to the identified security and operational requirements that determines the level of security
performance required.
•
Where used, hasps should be securely fastened to the anchoring structure and have the same
resistance to attack as the padlock to be used.
•
Where keys are used to operate the padlocks strict key control should be maintained.
Advisory requirements
Designers are advised that at present there are no specific standards for the certification of biometric
padlocks.
When designers are considering the use of padlocks within NEOM it is suggested that following security
rating matrix is considered to guide the choice of padlock:
Protection Group
Recommended Standard
Baseline – Non-Critical
CEN 1 & 2
LPS 1654 Level 1 or 2.
Baseline – Critical
BS EN 12320 Grade 3
Enhanced – Other
CEN Grade 3, Sold Secure – Bronze or Silver
Enhanced – Critical
BS EN 12320 Grade 5 or 6
Restricted – Other
CEN Grade 5 or 6
Sold Secure – Gold
LPS 1654 Level 7 or 8
Restricted – Critical
DOCUMENT CODE: NEOM-NSE-PRC-001
Fully auditable access control expected.
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 57 OF 3 11
Reference Standards
The following standards should be used when developing the manual locking systems design:
Standard
Description
BS EN 12209
Building hardware – mechanically operated locks and locking
plates. Requirements and test methods.
BS EN 1303
Building hardware – cylinders for locks. Requirements and
testing methods.
BS EN 12051
Building hardware – door and window bolts. Requirements and
test methods.
BS EN 179
Building hardware – emergency exit devices operated by a lever
handle or push pad, for use on escape routes. Requirements
and testing methods.
BS EN 1125
Building hardware – panic exit devices operated by a horizontal
bar, for use on escape routes. Requirements and test methods.
BS EN 12320
Building hardware – padlocks and padlock fittings. Requirements
and test methods. Sets a 6-number classification. The higher the
number the greater the resistance to attack. The grading level
should be referred to by designers when specifying padlock
choice.
Central European Norm (CEN) Ratings
A European standard that sets 6 levels of security from 1 to 6.
The higher the number the more robust and hence more secure
the padlock. Security testing is based on the resistance of the
lock and its shackle to twisting, drilling, pulling and cutting.
BS EN 16864
Building hardware – mechatronic padlocks. Requirements and
test methods
LPS 1654
Requirements and testing standards for approval and listing of
mechanical padlocks. Sets 8 levels of resistance based on the
amount of time it takes to remove a padlock based on the use of
different types of tools used by criminals.
Sold Secure
Tested and rated padlocks that have been awarded bronze,
silver or gold status. Gold representing the most secure.
ASTM E18-19
Standard test methods for Rockwell hardness of metallic
materials.
Saudi Building Code 2018
General Requirements.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 58 OF 3 11
B16: Searching, Screening and Detection
Overview
Where the control and detection of prohibited items is required, this will be primarily be met through the
use of searching, screening or detection technology strategies. This should:
•
Provide strong visual deterrence;
•
Where practicable hands free for the user experience; and
•
Cause the minimum dwell time possible.
Minimum dwell time should not be just considered as a throughput measurement. Integration and
convergence of searching, screening and detection should drive a minimum level of disruption or
deviation from daily tasks wherever possible.
However, certain critical locations will still require a process driven approach to search, screening and
detection. In these cases the security requirement takes precedence and therefore assurance of
detection of unauthorised articles is the primary aim.
The following facilities, sites and buildings will require a form of search, screening or detection for
prohibited items. Specific requirements are to be developed through the site specific threat and risk
assessment. Commercially operated sites should apply processes to protect their businesses
adequately.
Location
Search, Screening or Detection Purpose
Safety Critical Environments.
•
Checks on unauthorised and prohibited items being
brought into a safety critical environment.
Potable Water Storage.
•
Prohibited items that could affect potable water supply.
Industrial City Port.
•
In-line with National and International Regulations and
ISPS Code.
Data Centres, R&D, Sensitive Commercial.
•
Data protection.
Hydrogen Plant, Explosive or Flammable
Chemical production or storage.
•
Asset protection.
Major Government Complexes & Regional
Government Offices.
•
Mass casualty threat screening.
•
Data protection.
•
Asset protection.
Energy Production.
•
Asset protection.
Border Security Points
•
Mass casualty threat screening.
•
Prohibited items.
•
Asset protection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 59 OF 3 11
Threat
Search, Screening and Detection is applicable to a range of threats identified in the Design Basis
Threat, for criminality, terrorism and extremism.
During the threat and risk consideration, the designer should determine first whether there are prohibited
items or not. This will then drive whether there is a need for search, screening or detection to be
undertaken.
Secondly, if there is an identified requirement, the designer needs to determine where the threat is likely
to occur at the facility, site or building to ensure timely intervention that will minimise the likelihood and
impact of the risk being realised.
For example, the prevention of threats focused upon violence or terrorism may require early detection of
crossing the site boundary. This may then focus on detecting:
•
Mass Casualty Items – IED, large firearm.
•
Smaller firearms.
•
Knives, and other weapons.
However, where detection of more specific items is required, which would most likely be at Restricted
Protection Group locations. These items may include:
•
Mobile phones and cameras.
•
Data removal devices.
•
Trace detection – e.g. narcotics, explosive, firearms residue.
The detection of these elements may be applied site-wide or just to specific areas.
Search, screening or selection should only be required where there is an identified threat or asset
requiring protection that would be an intolerable risk without the screening mitigation.
Success criteria
The success criteria for searching, screening and detection is as follows:
•
The detection of relevant prohibited items, at the desired point of detection.
•
Provision of required assurance level for detection, i.e. is it 100% or a lower percentage to act as a
deterrent effect.
•
Provision for sufficient screening capacity, to allow for the required throughput rates, minimise dwell
and disruption. In some cases, this will need to be balanced against spatial requirements and likely
capital and operational costs.
•
On a positive detection, can the prohibited item be effectively prevented from passing the search or
screening area.
•
Blended design, enhancing the user journey through any security process, or if practicable, making
the process seamless.
Search, Screening and Detection Process
If the risk assessment identifies a need for search, screening or detection, then the design process
should be developed across three distinct process zones with key design considerations being satisfied
in each zone. The three zones are outlined in the following graphic:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 60 OF 3 11
1. Risk Identification
Prior to commencing design, the designer must assess whether a search, screening or detection
security effect is required based upon the threat and risk assessment for the specific site.
Threat changes and scalability should be planned for. This may be in the form of power, data and
spatial allocations in the correct locations.
The risk identification stage will be based upon a number of considerations including:
•
Crowded Place – a crowded location provides an inherently attractive location for a terrorist attack
and could use mass casualty threat methodologies such as firearm, blade or IED attacks. Providing
high-level screening for crowded places where there is an identified and assessed inherent target
attractiveness, can help in detecting mass casualty threat methodologies.
•
Criticality – a site, facility or building with a higher level of criticality, including function or
association with the government, will have a number of assets which could be targetable by both
criminal and terrorist / extremist methodologies.
•
Detection Requirement – certain sites or facilities will require enhanced detection, such as
explosives trace detection or drug substance detection, e.g. Airport, where there are clear
requirements under the aviation security requirements.
The site-specific risk zoning exercise is particularly important in defining the requirements for search,
screening and detection. The risk context may not apply to the whole site, and only certain areas of the
site may require Search, Screening or Detection.
A site risk zoning exercise therefore identifies the areas where different levels of prohibited item
detection are needed. A simplified example for a hospital site is shown below.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 61 OF 3 11
The process provides a logical method for ensuring that searching, screening and detection is only
applied where needed at the site, rather than providing complete site coverage.
2. Detection Matrix
Once a risk-based need for search, screening or detection is identified, the designer must identify what
constitutes the prohibited items. A detection matrix should then be produced that indicates what will and
what will not be detected by the screening process.
The detection matrix is based upon:
•
What prohibited items the screening process should detect?
•
What level of assurance should be provided that the threat will be detected by the search and
screening process? (assurance % of detecting the threat). The designer should consider scalability
of the process to meet higher threat levels and whether an allowance for this is included.
•
What percentage of attendees should be processed through the search and screening process for
detecting the relevant threat? (% of people processed).
A prohibited items list can be drawn from the identified threat types of the location specific Threat and
Risk Assessment, and should relate to the risk zoning exercise undertaken in step one.
The prohibited items list can then be applied against the levels of assurance for detection required,
categorising threat items as either:
1. Essential to detect (100%)
There should be a 100% assurance that the prohibited item is successfully detected during the
screening process. To achieve 100%, it is imperative that all personal/goods are subject to the search,
screening or detection process. This approach can be scaled back if the threat level is lower than
anticipated or altered by an event at a facility.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 62 OF 3 11
2. Desirable to detect (10-90%)
The level of assurance required is variable, and scalable in response to the designer’s risk assessment.
The process is scalable in the level of assurance provided by the screening process, and the percentage
of people/goods subjected to such screening.
3. Not required to detect (0%)
These items are not considered as threat items by the designer’s risk assessment, and therefore do not
require detection.
If the facility, site or building will operate in a number of operational modes that change the threat level,
then different detection matrices may be required for each mode. Otherwise, the process must be shown
as scalable and flexible to be suitable for all modes of operation.
An example detection matrix is as follows:
Essential to Detect (100%)
Desirable to Detect (10-90%)
Not Required to Detect (0%)
Explosives
Other items on the prohibited item
list including alcohol etc
Mobile phones
Firearms and ammunition
Other liquids
Recording devices
Large weapons – machete,
baseball bats, hammer etc
Computing devices
Protest materials – chain, flags etc
Cameras
Damage materials – Animal blood,
paint, flour etc
Smaller weapons – knives under 6
inches, sharp weapons, including
scissors
Arson equipment – matches,
lighters etc
CS or pepper sprays
The example below shows varying detection matrix requirements across the different locality risk zones
of the identified hospital example.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 63 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 64 OF 3 11
4. Methods of Search, Screening or Detection Achievement
From the development of the detection matrices, suitable search, screening and detection options
should be selected.
In general, there are likely to be five broad levels of search, screening or detection, with varying levels of
user disruption. Each example level of screening could use different equipment / processes, or
combinations, to provide a varying level of detection assurance and scalability.
It is expected that the majority of industrial applications will required Level 3 & 4 capabilities.
Level 0: Do nothing – no screening required.
Level 1: Automatic high-level screening for mass casualty threats.
This is to be non-intrusive, as to not diminish from the visitor journey / experience. However, there must
be a method for investigating detections. The over-arching approach may limit bag size that can be
brought to the venue, could employ staff to visually assess for larger threats such as a rucksack IED or
long barrelled weapon. Or a high flow rate mass screening system may be employed using Terrahertz
scanning or other technology.
The designer should detail a clear interdiction process for the high-level mass casualty screening
process. The designer should also consider how assurance can be provided, reducing opportunity for
the mass casualty threat scanning to be bypassed – this may need to be operationally managed.
Level 2: Automatic high-level screening for mass casualty threats, plus video analytics.
This may be non-intrusive as given above. The use of video analytics, such as left package / loitering
alerts, can provide enhanced assurance for detection of certain threats.
This represents a combination of methods, which may also include trained staff, and the designer needs
to define the overall detection strategy and its concept of operations.
Level 3: Low level screening for some level of assurance of prohibited item detection.
Level 4: Comprehensive screening for high assurance of prohibited item detection.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 65 OF 3 11
A comprehensive screening process is required for detection of a wide and complex range of items.
Therefore, the detection approach will need to rely on a range of searching and screening methods,
more likely in a layered system to be able to provide various assurance levels.
5. Throughput Analysis
Dependent upon the search and screening method / equipment / process used, there will be a variable
throughput rate. This should be considered in relation to:
•
Capacity – the number of persons to pass through the process.
•
Flow rate – the rate of which a person is screened, dependent upon the chosen screening method /
equipment.
•
User arrival process – the variable rates in which users will arrive.
•
Customer journey – the level of interaction that is acceptable.
An example throughput matrix is as follows:
Location
Main Entrance
Expected
Arrival
Capacity
(15 mins)
Flow rate
(each lane per
minute)
(per 15 mins)
Lanes
Required
235
6
90
(2.6) 3
Single Lane
Capacity
Space
Required
(per lane)
Min 10.0m x
12.0m
The throughput flow rate is likely to be variable, with delays caused by user non-compliance likely at
either the Preparation Process Zone or Response Process Zone, complexity of what is being screened
or detections. As part of the screening process, the potential for reductions in throughput can be
addressed, by:
•
Communicating the expected arrival process to the users.
•
Clear policies on prohibited items, communicated to user pre-arrival.
•
Allowable bag sizes communicated to user pre-arrival.
•
Allowing sufficient spatial allocation for the process to take place.
•
Having a quick and defined interdiction policy within the response process zone.
6. Example Screening Measures
The table below provides examples of varying types of screening technology. The designer should
select the relevant screening process / measures, based upon their specific use case performance
requirements. Throughputs should be clarified with manufacturers with evidence of the achievable
throughput given.
Example Measure
Usage Characteristics
CT Scanner
•
Baggage scanning.
•
Detects prohibited items with 3-D model of
contents.
•
High level of assurance for detection.
•
Throughput (200 – 300 people per hour).
•
Analytics to aid detection of prohibited items.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 66 OF 3 11
Example Measure
Usage Characteristics
Millimetric Wave Scanner
•
MMW scanner for persons.
•
Profile images of person, showing concealed
items.
•
Analytics to aid detection of prohibited items.
•
Throughput (150 – 300 people per hour).
•
WTMD portal for persons.
•
Alert when metal object passes through.
•
Varying levels of sensitivity to provide for
required threat type detection, and level of
assurance.
•
Throughput (350 – 400 people per hour).
•
Passive scanning system for persons, with
person screened whilst in transit.
•
Detection of mass casualty threat items.
•
Throughput system (Optimised 3,500 people per
hour).
•
Limited level of assurance for detection.
Walk Through Metal Detector
Mass Casualty Threat
It is important that the designer is aware of, and respondent to, the limitations of any screening process
employed.
For example, mass casualty passive scanning could be unreliable if multiple persons pass through
simultaneously and if complicated bags are carried – this would require a supporting technology,
management process or design to ensure that the potential for residual risk is limited.
7. Intervention Plan
As identified in the throughput analysis, clear policies in the Response Process Zone are required to
support both the throughput and also the integrity of the process. The process becomes redundant
without a clear intervention plan to prevent the detected item from being carried beyond the control line.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 67 OF 3 11
A defined intervention plan must be developed by the designer in order to support the screening
process. This should take account of:
•
How will alerts be generated when a prohibited item is detected?
•
How will such alerts be dealt with? Will this be an automated or human response?
•
What enhanced screening will a person be required to undertake to resolve a first alarm?
•
Is there sufficient area for a person to be dealt with, in a rejection zone?
8. Design Considerations
The following further design considerations will need to be taken into account:
•
Architecturally lead – there is opportunity for the design to be incorporated within the architectural
design principles of the project. The design and process should aim to improve the visitor / user
journey and look to use innovative design features to make the screening process as seamless as
possible.
•
MEP – screening equipment requires power and data, which should be coordinated with design
teams. This will be required for both permanent screening locations, and any temporary ‘pop-up’ or
scalable screening locations.
•
Spatial allocation – adequate spacing for the screening equipment, and to allow for the throughput of
screened persons is required. This also needs to provide sufficient space for security operators. The
spatial allocation can be large, especially with a high volume of people, bags or goods.
•
Lane design – coordinated design to provide for maximum efficiency and user experience, ensuring
lane design is easily accessible and supportive of required throughput, e.g. appropriate length of
tray roller beds for luggage screening.
•
Ground loading – screening equipment such as CT scanners are heavy pieces of equipment. The
ground loading should account for the equipment.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 68 OF 3 11
Reference Standards
The following reference standards are the minimum standards for searching, screening and detection
technology.
Standard
Description
EN 62368-1 + A11
Audio/video, information and communication technology equipment.
Safety requirements.
BS EN IEC 61000-6-1
Electromagnetic compatibility (EMC). Generic standards. Immunity
standard for residential, commercial and light-industrial environments.
ASTM F3356
Standard Specification for Conformity Assessment of Metal Detectors
Used in Safety and Security.
ASTM F2401
Standard Practice for Security Checkpoint Metal Detector Screening of
Persons with Medical Devices.
STM C1270 - 97
Standard Practice for Detection Sensitivity Mapping of In-Plant WalkThrough Metal Detectors.
ASTM C1269 - 97
Standard Practice for Adjusting the Operational Sensitivity Setting of InPlant Walk-Through Metal Detectors.
ASTM C1238 - 97
Standard Guide for Installation of Walk-Through Metal Detectors.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 69 OF 3 11
B17: Security Control Rooms and Monitoring Points
This section covers the fundamentals of Security Control Rooms (SCR) design throughout the NEOM
region. These facilities provide a point of consolidation for operators to obtain information on the status
of related security systems and operations. Control rooms where practicable should be within walking
distance of other static security locations, such as gatehouses, monitoring points etc.
A structured design process should be followed in the development of all control rooms environments
with a human centred approach to meet with the demand for the number of systems, sensors and
services which are controlled or monitored by the operators.
Spatial requirements should be identified early, including UPS locations, welfare and operator space.
Defining the operational requirements for the SCR is therefore a key initial step that the designer must
undertake at the start of the design process.
Systems
The operation and control of each system needs to be determined prior to the development of a SCR
design. Security systems will vary dependant on the site application with some large sites or integrated
regional systems being responsible for all aspects of control and operation.
Typical security applications featured within an SCR include but are not limited to some of the following
applications:
•
Intruder Alarm Systems.
•
Access Control.
•
Video Surveillance.
•
Perimeter Intruder Detection Systems.
•
Security Lighting.
•
Alarm Signalling.
•
Intercom Systems.
•
Radio Communications
•
Vehicle Barrier Controls.
•
User Interface.
•
Other non-security systems that are critical to the site, e.g. development/industrial freezer alarms.
A Physical Security Information Management (PSIM) system should be used to harmonise the various
systems and consolidate the interface to a single user interface.
The need to integrate systems should be carefully considered to ensure integration is the appropriate
option.
Redundancy and System Resilience
The security systems with the exception of field devices (intrusion detection sensors, cameras, card
readers, radars) shall exclude single point of failures, such that a single component failure cannot
disable the system function.
All security systems core computing and network components shall be in a high-availability configuration
to ensure availability of not less than 99.95% per component. These components specifically include:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 70 OF 3 11
•
Servers.
•
Network Video Recorders (NVR).
•
Operator workstations.
•
Administration workstations.
•
Archive and back-up systems.
•
Network switches, routers and firewalls.
Exception: industrial ethernet switches supporting single field devices are excluded from the above
requirement.
The high-availability requirements detailed above can be achieved by a combination of:
•
Separate redundant units, such as primary and back-up units.
•
Single units with fully redundant hot-swappable components of CPU, memory, power supply,
network cards, hard-disk storage, etc.
•
Virtual computing architecture.
The critical computing and network equipment shall also have a spare capacity as follows:
•
20% spare capacity of all computing power (RAM & CPU).
•
20% spare capacity for all network physical ports.
•
20% spare capacity for all network bandwidth (within the site security network).
•
50 % spare capacity for all hard disks.
Field devices (intrusion detection sensors, cameras, card readers, radars) shall be in a redundant
configuration only if a single device failure will significantly disable the system function.
Automatic switch-over function shall be enabled between all redundant components without loss of
operational function or data.
Computer Hardware
Computer hardware applied as a component of security systems shall be of the latest generation
available at the time of project proposal design completion. The hardware shall have adequate memory
and processing capacity to ensure no latency to allow real-time operation in all operational conditions.
Operating system and applications shall be installed on a Hard-Disk Drive (HDD) or Solid-State Drive
(SDD) while data shall be stored on a separate discrete physical HDD or SSD.
Operating Systems
Operating systems used for the security system shall be latest version and have full mainstream support
from the manufacturer.
All service packs, and other Operating System updates, shall be installed prior to system
commissioning.
Data and System Backup
The systems shall be equipped with mechanism to provide full back-up every 30 days and daily
incremental back-ups. Back-up operations shall not interrupt the system operation.
Back-up records shall be stored off-site and accessed only by authorized personnel.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 71 OF 3 11
Date/Time Synchronization
All devices connected to the security systems shall have their date and time synchronized via a
centralized or distributed time servers.
Tamper Protection
All security system field components shall be equipped with tamper protection that will annunciate an
alarm if any attempt is made to tamper with system elements.
All junction and pull boxes, mounted externally, shall use tamper-proof screws for all fasteners. All
outdoor cables shall be protected in steel conduits.
Openings in the system housing shall be sealed.
Component Failure Alarms
The system shall annunciate an alarm when the function of an operational component is lost (e.g. field
devices, UPSs, generators, etc.).
False Alarm Reduction
The system control panels shall observe guidelines in ANSI/SIA CP-01-2014, False Alarm Reduction
Standard, into the system design and material selection to reduce the incidence of false alarms.
Integration
The SCR shall be integrated into central Security Control Center (Emergency Center / 911 Building).
UPS and Emergency Generators
For Sites with a Restricted Protection Group, on-site dedicated UPS and emergency generators shall be
provided for Security systems.
The UPS shall have battery capacity to power its maximum rating for 2 hours minimum and it shall be
sized with 30% spare capacity over and above the actual calculated load.
The emergency generator shall be sized to power all security systems & devices, air conditioning,
lighting, fence lighting and communication equipment installed at the security facility while maintain 20%
spare capacity.
The generator shall be able to sense power failure at the incoming local utility power feed to the security
system and initiate start-up. The fuel tank for the generator shall have a low-fuel level alarm connected
to the gatehouse and Central Security Control Center that triggers when the fuel level drops to 10% of
full capacity.
Policies
Clear policies should be developed in terms of the day to day operation and responsibilities within the
SCR environment to ensure activities are adhered to and the integrity of the SCR is maintained.
Policies should include training and communications, division of work and tasks, competencies and
management, code of conduct and auditing. The designer will need to provide a concept of operations
for the SCR that demonstrates how it functions day to day, and also during an incident.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 72 OF 3 11
People
The SCR will comprise a number of system interfaces both “hard” (panels, controls devices) and “soft”
(computer and digital interfaces) to accommodate the daily operations, such as:
•
Control Panels.
•
Operator Consoles.
•
Safety Systems.
•
Displays Screens and Walls.
•
Furniture.
•
Welfare Facilities.
Once a study has been undertaken to determine the operational requirements of the SCR a User
Centred Design (UCD) should be undertaken as the amount and type of information that an operator
can monitor is limited and errors can occur if over-burdened with duties.
Resilience
The systems being managed by the SCR should be resilient against both attack and failure.
Consideration should be given to redundancy of systems and back-up and/or failover of critical power
and communications connections in the event of an outage or incident response.
As the SCR is a critical room, the routing of other building services through the room should be avoided,
where these services could cause damage. e.g. water pipes.
Physical SCR Design
Spacing should be assessed for the mounting of display and control equipment throughout the SCR and
how operators will interact with the systems.
The layout of furniture, lighting and temperature all have to be considered to achieve a suitable working
environment for operators allowing them to conduct tasks unhindered.
Working spaces should be considered for operators, managers, incident rooms, collaboration spaces,
welfare facilities.
Operator consoles should be suited to meet the necessary equipment required:
•
Display screens:
o
The system shall have 4 levels of integrated display for security operators. All displays shall be
1080p or higher definition. Displays shall be adequately sized for the application and shall have
capability for 24/7 operation.
▪
Display 1: Overview Map.
▪
Display 2: Video Split-Screen Display, dedicated to viewing camera feeds, user selectable
or sequenced, and shall automatically switch to alarm zones display during an alarm.
▪
Display 3: Index display, listing all cameras or alarm zones.
▪
Display 4: PTZ Camera Display.
•
Keyboards.
•
Camera control equipment.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 73 OF 3 11
•
Telephones.
•
Hard wired panels and controls.
•
Space to undertake paperwork.
Enough displays should be provided to carry out duties and sized accordingly, including visual access to
a display wall if required.
The console design should be ergonomically correct to meet with the demands of the operator and
provide a comfortable working position including:
•
Vertical, horizontal and lateral clearance for the legs, knees and feet under the work surface.
•
Work surfaces at or slightly below elbow height.
•
Instruments and displays located in appropriate visual zone.
Further Considerations
For larger SCRs there are other areas of consideration which supplement the SCR. These areas are
detailed below with insight as to scaling and location in relation to the SCR.
Room
Sizing
Location
Equipment room
Number of cabinets, including potential
future additions.
Direct access from Control Room?
Engineering Support
Room
Number of people, furniture and
equipment. Consider ʻnormalʼ support and
demanding situations e.g. commissioning.
Engineering support desks may be
located in the Control Room or
Equipment Room in addition or as an
alternative. Location should be
determined by the required interaction
between Engineers and operators.
Electrical power
room
May need to be partitioned (e.g. between
transformers, switchgear and UPS and
between redundant feeds).
Access restricted to authorised persons.
Environmental
services/HVAC
Number of Air Handling Units (AHU),
heating and cooling plant.
Noise and maintenance access.
Meeting rooms
Number of people, furniture and
equipment.
Will operators need to attend meetings
whilst on duty?
Offices
Number of people, furniture and
equipment. Particular consideration for
Supervisors and Plant/Field Operators.
Direct access from Control Room?
Able to see into or monitor activity in
Control Room?
Training facility
Furniture and equipment.
Will operators need to attend meetings
whilst on duty?
Kitchen/dining
Food storage for each team/shift
(lockable), preparation and cooking
facilities. Dining furniture
Access for duty CRO.
Room
Considerations regarding size.
Considerations regarding location.
Drinks lounge
Access to drinking water. Tea/coffee
making facility
Access for duty operators.
Toilets
Male, female and disabled.
Access for duty operators.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 74 OF 3 11
Room
Sizing
Location
Showers
Male, female and disabled.
Clean and dirty areas.
Personal storage
Storage for clothing and personal items.
Provision for secure storage (lockers).
Work item storage
PPE, cleaners’ equipment and materials,
office supplies, plant spares, portable
communications. Adequate to contain any
special maintenance or cleaning
equipment to be used in the Control
Building (e.g. cleaning or maintenance of
a room with a high ceiling).
Document Library
Books, manuals, drawings. Access to
electronic copies, local backups.
Access for duty operators.
Visitor facility
Reception area. Viewing gallery.
Controlled access.
Prayer room
Cultural requirements.
Access for duty operators.
Muster area
Maximum number of people to be
accommodated. Emergency equipment to
be stored.
May be combined with another use or
located in another room. Mustering in
the Control Room should be avoided
because it can cause distraction.
Incident command
centre
Maximum number of people making up
the command team.
Access for duty operators and
communication links with Control Room
during an incident. Control Room may
be used for this.
Collaboration or
Video Conference
Room
Number of people, equipment to be used.
Typically to facilitate
Direct access from Control Room?
collaboration with remote operations
and technical support teams.
IT Support
Number of people, furniture and
equipment.
May be as part of the control room or as
a separate room.
Humans System Interfaces
A SCR operators’ role involves the monitoring and controlling of security systems and detecting
assessing and responding to events.
A Physical Security Information System PSIM should be utilised to consolidate various events and alerts
from security systems and present them in a Guided User Interface or GUI. For smaller systems, this
may be achieved through either the access control or VSS head end software.
The GUI should collect and present data from all integrated systems and devices enabling the operators
to carry out their tasks efficiently.
The PSIM should assist operators in their roles by automating and prompting certain aspects of
operations through a structured cause and effect matrix by aggregating information from various
systems and automating processes to effectively manage events and initiating the appropriate response.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 75 OF 3 11
Reference Standards
The following standards should be used when developing the SCR design:
Standard
Description
BS EN ISO 11064
Ergonomic design of control centres.
BS 6396
Electrical systems in office furniture and educational
furniture Specification.
BS 7083
The accommodation and operating environment for
Information technology (IT) equipment.
BS EN 50398-1
Alarm systems. Combined and integrated alarm systems.
General requirements.
BS 7958
Closed circuit television (CCTV). Management and
operation. Code of practice.
BS 8418 + A1
Installation and remote monitoring of detector-activated
CCTV systems. Code of practice.
BS EN 62676 Series of Standards
Video surveillance systems for use in security applications.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 76 OF 3 11
B18: HVAC, Intakes and Ducting
This section should be read where the Security Threat and Risk Assessment has identified a need for
a secure and resilient HVAC system. This will be a requirement for critical facilities and also all
facilities where there is a crowded internal space, such as an arena, station or hospital.
Given the climate in NEOM, HVAC systems will be widely used across all indoor spaces, it will
perform a key function in ensuring a comfortable environment for all NEOM Citizens and Visitors. If an
individual HVAC system within a key asset or an industrial control facility was disabled during the
summer months, then this would likely result in a level of discomfort that could lead to disruption.
It is anticipated, however, that consideration of this aspect will be included within the MEP design and
it not an additional concern for security.
This functional requirement is concerned with facilities that may be targeted by and, in an unmitigated
state, be vulnerable to a CBRN attack.
Overview
Mechanically ventilated spaces provide a viable means to disseminate chemical or biological agents
within a building.
The use of contaminants within the built environment, to date, has been rarely seen, however it
should be acknowledged that threats will likely evolve over time, especially where the building creates
a crowded space. Taking the opportunity to embed good security design practice within NEOM will
ensure that the opportunity for threats, such as CBRN, are more difficult to realise.
Therefore, air intake and recirculation vents should be positioned at a suitable height to make a
deliberate act more easily identifiable by VSS or operational staff.
Performance Requirements
Air Intakes and HVAC Ducting
All air intakes should be positioned where possible at a suitable height above grade level to deny
physical access to the air intake, especially to deny the introduction of vapours, gases and liquids.
The minimum height above accessible areas should be 3.0m from the most advantageous attack
point.
If a building or space is classed as a Protection Group Restricted, then the minimum height should be
increased to 4.0m.
If air intakes are placed on roof levels, then access to the roof space should be controlled, with no
public access allowed within the vicinity of the vents.
Where a suitable height above grade cannot be achieved, intakes should be protected with
appropriate architectural covers or grates in keeping with the appearance of the facility.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 77 OF 3 01
Ducting, access hatches and inspection points should all be positioned in back of house areas and
fitted with either locks or anti-tamper fixings as appropriate.
For buildings that are classed as Protection Group Restricted and Enhanced if identified as a
specific vulnerability during the STRA:
•
All HVAC intakes shall be positioned a minimum of 4.0m above FFL and positioned behind a
secure physical barrier.
•
Where a physical barrier is not desirable or practical, the HVAC intakes should be positioned a
minimum of 5.0m above FFL.
•
All HVAC intakes vents should be fitted with louvres and grilles, to mitigate against
unauthorised access by persons and materials.
•
For secure rooms, or sensitive areas (i.e. Control rooms or Protected spaces) these should
have isolated ventilation systems designed in and be separate from the main building
ventilation systems.
•
HVAC systems should be supported by suitable UPS to ensure a minimum level of redundancy
is achieved.
•
VSS and detection capabilities should be designed to provide monitoring and alarm functions at
HVAC intake locations with alarms to the Security Control Room.
•
The ability to stop intakes and reverse air flows via the Building Management System should be
possible.
•
If indicated by the STRA process for blast related threats – Restricted sites, facilities and
buildings shall consider the inclusion of blast protection valves and dampers to reduce the
internal effects of adverse loading.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 78 OF 3 11
Reference Standards
The following standards should be used when developing the HVAC design:
Standard
Description
ASIS 2012
Protection of Assets Manual.
ASHRAE. 2003
Risk Management Guidance for Health, Safety, and
Environmental Security under Extraordinary Incidents.
Presidential Report of the American Society of Heating,
Refrigerating and Air-Conditioning Engineers.
ANSI/ASHRAE 52.1-1992
Gravimetric and Dust Spot Procedures for Testing AirCleaning Devices Used In General Ventilation For
Removing Particulate Matter.
ANSI/ASHRAE Standard 55-2004
Thermal Environmental Conditions for Human
Occupancy.
ASHRAE 62.1 - 2019
Ventilation for Acceptable Indoor Air Quality.
DHHS (NIOSH) Publication No. 2002-139
Guidance for Protecting Building Environments from
Airborne Chemical, Biological, or Radiological Attacks.
Saudi Building Code (SBC) 2018
The Saudi Building Code (SBC) is a set of legal,
administrative and technical regulations and
requirements that specify the minimum standards of
construction for building in order to ensure public safety
and health.
For facility type specific technical codes and standards that may have an impact on the provision of
security and its infrastructure, refer to:
Technical Schedules: List of Technical Codes and Standards, NEOM-NEN-SCH-005 – Latest
revision.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 79 OF 3 11
Annex C- Construction Site (Temporary)
C1: Introduction
This document defines the security infrastructure requirements for construction sites and temporary
camps at NEOM.
Operational requirements should refer to the Schedule S – Operations Security.
Construction requirements should refer to the Schedule S – Construction Security.
This document forms Appendix C to the Security Standard and provides a quick and detailed security
guide for these sites at NEOM.
The content of this document consists of the following three sections:
1.
C2 – Construction Site Security Requirements and temporary Camp Requirements.
2.
C3 – Site Security Audit Checklist.
3.
C4 – Perimeter Fence Specification.
Security Controls
For NEOM to maintain an effective security regime during construction, each facility shall have
security controls that are physical and procedural. The physical and procedural elements shall both
be designed to enhance the security of the site by using control measures designed to achieve the
following security effects:
•
Deter, detect, delay, and deny access to intruders.
•
Respond and recover from an actual or potential security incident.
Aligned to achieving this is the need for a minimum baseline for security management and operations.
An essential part of this is the development by each site of a Security Management Plan or Manual.
The minimum information required in the Security Manual is outlined below.
The Security Manual shall be reviewed on the following basis:
•
A minimum of every 6 months.
•
Following a major security incident.
•
When the STRA is amended.
Security Manual Contents
Facility Security Plan (FSP)
In addition to the following main components of FSP, FSP shall provide the FO with the requirements
for SCR and a method to identify and implement required changes, enhancements or improvements
to the facility security posture.
•
Physical protection measures (infrastructure & security systems design).
•
Security program for upgrades, enhancements or improvements to existing security components
or infrastructure as recommended in the STRA.
•
Security organization structure. (Organization chart & personnel list)
•
Competency & Training of Security Personnel:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 80 OF 3 11
•
o
Analyze Training Requirements/needs
o
Design Training program (example Formal, Refresher, Equipment, On the Job etc)
o
Develop Security Training program (Training syllabus, Instructor manuals, Training
schedules, Training manuals, and audio visuals) for Security Staff
o
Security Awareness Training for employees
o
Induction of new employees
o
Introduction of security requirements in the safety induction on site for visitors and
contractors.
Maintenance & Support Program (MSP); for security infrastructure & systems and equipment:
o
Define Maintenance Requirements.
o
A maintenance plan for Preventive Maintenance and Remedial Maintenance.
Security Management Policy
Standing Operating Procedures (SOPs)
SOPs shall include, but not be limited to the following:
•
•
•
•
Physical Security Procedures:
o
Access Control.
o
ID Card Procedures.
o
Visitors.
o
Contractors.
o
Vehicle Entry Permits.
o
Material Control.
o
Key Control.
Information Security & Cybersecurity:
o
Information protection.
o
Document Control & Document Security.
o
Photography permits.
o
Laptop & IT permits.
Security Management Procedures:
o
Security Reports (i.e. Daily).
o
Security Statistics and Performance Measurement.
o
Security Incident & Threat Reporting & Investigations.
o
Contraband items.
o
Pre-employment screening and background checks.
o
Weapons (Firearms) Control (Handling and Storage).
o
Communication with Security Services Contractors and Suppliers.
o
Waiving of Standard Security Procedures.
o
Monitoring Procedures.
o
Test Procedures.
o
Alarm Assessment Procedures.
o
Dispatch Procedures.
Specific Security Incidents:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 81 OF 3 11
o
Emergency Planning (Emergency Response for Security Personnel).
o
Response to Bomb Threat.
o
Dealing with suspicious parcels.
o
Dealing with “Lost and Found” Items.
o
Vehicle Accidents.
o
Workplace Violence, threats, intimidation, and other misconduct.
o
Security Alert Levels.
o
Security Breaches – Illegal document copying/removals etc.
Site Security Forms
Example forms are listed below. Exact number and type of forms, if required, shall be coordinated
with NEOM Public Safety Department.
•
SSF-01 Visitor’s Application Form
•
SSF-02 Departmental Authorized Signatory Form
•
SSF-03 Request for ID Card Form
•
SSF-04 Temporary Entry Permit Form
•
SSF-05 Reporting Loss of ID Card Form
•
SSF-06 Vehicle Entry Permit Application Form
•
SSF-07 Material & Equipment Gate Pass
•
SSF-08 Security Post Report
•
SSF-09 Shift Report
•
SSF-10 Daily Security Report Form
•
SSF-11 Security Incident Report Form
•
SSF-12 Bomb Threat Information Form
•
SSF-13 Equipment/Waste removal permit – Permanent transfer/Dispose/Repair –Return.
Security Post Orders/Assignment Instructions (Responsibilities & Job Description)
•
General Instructions.
•
Superintendent of Security – accountable for Security and its Governance at the site.
•
Security Supervisor.
•
Security Shift Captain.
•
Gate Security Staff.
•
Security Patrol Staff.
•
CCTV Operator.
•
Visitor/Reception Security Staff.
•
Security Control Centre Operator.
•
X-Ray Checkpoint Security Staff.
•
Foot Patrolling.
•
Mobile Patrolling.
•
Security Staff Turnstile Gate.
•
Security Staff Material Department Gate.
•
Security Staff Admin Building Reception.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 82 OF 3 11
C2: Construction Site Security Infrastructure Requirements
Security of NEOM Construction Sites
The following descriptions outline the requirements to be applied to all construction sites within NEOM, unless requirements are downgraded by NEOM Public
Safety Department on an individual site basis.
Infrastructure
Security Requirement
Video Surveillance System
•
Continuous coverage of the perimeter to an image quality of 62ppm through fixed cameras supported by PTZs for tracking.
•
Image quality of 125ppm to be achieved at all entry points.
•
Recording for 90 days at a background rate of 6pps that will rise to 25pps on incident, alarm or operator action.
•
All cameras should be IP and a minimum of 1080p.
•
Additional cameras should provide images at 62ppm of:
o
Critical power supplies.
o
Water tanks.
o
Sensitive locations or storage.
Video Analytics
Intrusion detection analytics linked to images to be employed as required.
Other Surveillance Systems
Based on results of the STRA.
Access Control System
All access points on and off the construction site must be controlled to ensure only authorised movement takes place.
When not in use, the perimeter gates should be locked. (These can be left unmanned without compromising security as long as
another form of surveillance is in place – VSS, patrolling, and an intrusion detection system).
All vehicles should be checked at the perimeter to ensure that the people and any load entering the site have been verified. All
personnel should be verified against identification carrying a photo where they are not regularly employed on the site. Other access
requirements will be based upon the site safety and escort policies.
A gate pass system for checking vehicles should control vehicles' exits with loads.
Personnel with regular access to the site should be controlled based on a site-wide access control system. This will involve
corporate badges and issued visitor or temporary badges using a guard-controlled 'pass system'. The following principles should
apply in designing a pass:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 83 OF 3 11
Infrastructure
Security Requirement
•
NEOM logo.
•
Computer-generated colour photograph.
•
Facility name.
•
Holder name.
•
Holder function.
•
Security zones access/colour code.
•
Expiry date.
•
The issue, control and return system must be reviewed by NEOM security management weekly.
Pedestrian entry points should be controlled through full height turnstiles that form part of the perimeter to continue the secure line.
The turnstiles and the surrounding elements must offer the same level of security protection as that achieved by the perimeter
barrier system.
Access control should be system based:
•
On either cards or biometric template.
•
Prevent tailgating or passback.
•
Be individual to the person allowing individual audit trails to be established.
•
Have a centrally controlled database that allows the rapid removal of access privileges and time based criteria for access.
All visitors should be registered and held at the guard room/gatehouse until the representative they visit authorizes their entrance.
Once on-site, the visitor should be escorted at all times, unless on pre-determined Green Lanes, and it becomes the responsibility of
the person who confirmed access (the sponsor) for their safety at all times on site.
Intruder Detection System
Perimeter Intruder Detection should be enabled through the Video Surveillance System using suitable analytics and monitoring, in
combination with security patrols.
Point Intruder Detection should be enabled through access control points and/or specific cameras set with motion detection for areas
or heightened threat.
Duress Alarms
To be included as a function of the site radio communications handsets or issued to key personnel as an individual device.
A mass notification in case of emergency and evacuation should be provided across the whole construction site and/or active work
areas.
Security Lighting
•
Perimeter lighting. Perimeter lighting should enable guards and patrols to detect persons interfering with the perimeter barrier.
Lighting should provide a minimum 10 Lux across the whole perimeter with a 0.4% uniformity.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 84 OF 3 11
Infrastructure
Security Requirement
•
Checkpoint lighting. The entire zone around any gate should be well lit so that people and vehicles can be seen and inspected
quickly with a white light of 100 Lux positioned to enable drivers and their photo IDs to be read easily.
•
Area lighting. For security purposes a minimum of 20 Lux should be provided. This may need to be increased if the lighting
also provides task lighting for other activities.
Cyber Security
•
See Section A7 of Appendix A.
Perimeter Barriers
A perimeter fence should be installed around the construction site with entry point and emergency gates designed to a similar
standard as the fence. The fence will be a 2.4m chain-link construction as defined in Section C3.
Pedestrian gates must be a minimum of 1.2m in width.
Vehicle gates must be a minimum of 4.0m in width.
Internal separation by fences should be 2.4m in height, constructed from chain-link and not contain an anti-climb topper. Internal
separation should be applied to critical power supplies, water tanks and sensitive areas and storage.
•
Vehicle Security Barriers
Where perimeter will only be in place for temporary periods (up to 4 months) a surface mounted fence system may be
employed, but must be suitable for the terrain, wind loading etc. in that specific location whilst meeting the same overall security
requirement as the 2.4m chain-link fence.
Based on results of the STRA.
Vehicle control barriers should be installed to control access of vehicles on and off the site. These should be sited to facilitate the
vehicle and load monitoring requirements required at the site.
Counter Unmanned Aerial Systems
Based on results of the STRA.
Blast Protection
Based on the results of the STRA.
Ballistic Protection
Based on the results of the STRA.
Security Door Sets
Doors that are access controlled should conform to a minimum standard of EN1630 RC2 or PAS 24 or equivalent.
Doors required to provide specific security protection to sensitive materials, sub-stations or information should be rated to a
minimum of LPS 1175 B3 or equivalent.
Security Glazing
Glazing that is easily accessible (below 2.0m) should be protected from impact damage through the fitting of grills or a bar system.
Manual Locks
Manual gates shall be secured with a padlock with a minimum Grade 4 rating under BS EN 12320.
Buildings secured by a manual lock should have a minimum Grade 5 rating under BS EN 12320.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 85 OF 3 11
Infrastructure
Security Requirement
Valuable items such as cash and information classified as confidential or higher should be stored in secure containers.
Safes
Safes should be of one-piece construction, burglar and fire-proof to protect against all types of attack for a minimum of four hours.
Lightweight safes should be bricked or cemented into position or securely bolted to the floor. A key may secure them, but a
combination / electronic lock is preferred.
Lockable Cabinets
Security standard furniture should be metal construction, and its component parts should be welded rather than riveted. Hinges and
hinge pins should be protected against attack. Locks can be either key or combination types.
Security Control Rooms &
Monitoring Points
All sites will integrate to a master command and control centre, and therefore local monitoring points will be required at associated
static security locations. The need for a formal SCR is not required unless identified through an STRA.
HVAC and Ducting
Based on results of the STRA.
Security of NEOM Temporary Sites
The following descriptions outline the requirements to be applied to all temporary sites within NEOM, unless requirements are amended by NEOM Public
Safety Department on an individual site basis.
Infrastructure
Security Requirement
Video Surveillance System
•
Continuous coverage of the perimeter to an image quality of 62ppm through fixed cameras supported by PTZs for tracking.
•
Image quality of 125ppm to be achieved at all entry points.
•
Recording for 90 days at a background rate of 6pps that will rise to 25pps on incident, alarm or operator action.
•
All cameras should be IP and a minimum of 1080p.
Video Analytics
Intrusion detection analytics linked to images to be employed as required.
Other Surveillance Systems
Based on results of the STRA.
Access Control System
All access points on and off the site must be controlled to ensure only authorised movement takes place.
All vehicles should be checked at the perimeter to ensure that the people entering the site have been verified.
Other access requirements will be based upon the site safety and escort policies.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 86 OF 3 11
Infrastructure
Security Requirement
Personnel with regular access to the site should be controlled based on a site-wide access control system.
This will involve badges and issued visitor or temporary badges using a guard-controlled 'pass system'. The following principles
should apply in designing a pass:
•
NEOM logo.
•
Computer-generated colour photograph.
•
Facility name.
•
Holder name.
•
Holder function.
•
Colour coded lanyards to indicate full, partial or escorted site access.
•
Expiry date.
•
The issue, control and return system must be reviewed by NEOM security management weekly.
Pedestrian entry points should be controlled through full height turnstiles that form part of the perimeter to continue the secure line.
The turnstiles and the surrounding elements must offer the same level of security protection as that achieved by the perimeter
barrier system.
Access control should be system based:
•
On either cards or biometric template.
•
Prevent tailgating or passback.
•
Be individual to the person allowing individual audit trails to be established.
•
Have a centrally controlled database that allows the rapid removal of access privileges and time based criteria for access.
All visitors should be registered and held at the guard room/gatehouse until the representative they visit authorizes their entrance.
Once on-site, the visitor should be escorted at all times.
Intruder Detection System
Perimeter Intruder Detection should be enabled through the Video Surveillance System using suitable analytics and monitoring, in
combination with security patrols.
Point Intruder Detection should be enabled through access control points and/or specific cameras set with motion detection for areas
or heightened threat.
Duress Alarms
To be included as a function of the site radio communications handsets or issued to key personnel as an individual device.
A mass notification in case of emergency and evacuation should be provided across the whole construction site and/or active work
areas.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 87 OF 3 11
Infrastructure
Security Requirement
Security Lighting
•
Perimeter lighting. Perimeter lighting should enable guards and patrols to detect persons interfering with the perimeter barrier.
Lighting should provide a minimum 10 Lux across the whole perimeter with a 0.4% uniformity.
•
Checkpoint lighting. The entire zone around any gate should be well lit so that people and vehicles can be seen and inspected
quickly with a white light of 50 Lux positioned to enable drivers and their photo IDs to be read easily.
•
Area lighting. For security purposes a minimum of 20 Lux should be provided. This may need to be increased if the lighting
also provides task lighting for other activities.
Cyber Security
•
See Section A7 of Appendix A.
Perimeter Barriers
A perimeter fence should be installed around the construction site with entry point and emergency gates designed to a similar
standard as the fence. The fence will be a 2.4m chain-link construction as defined in Section C3.
Pedestrian gates must be a minimum of 1.2m in width.
Vehicle gates must be a minimum of 4.0m in width.
Internal separation by fences should be 2.4m in height, constructed from chain-link and not contain an anti-climb topper. Internal
separation should be applied to critical power supplies, water tanks and sensitive areas and storage.
•
Vehicle Security Barriers
Where perimeter will only be in place for temporary periods (up to 4 months) a surface mounted fence system may be
employed, but must be suitable for the terrain, wind loading etc. in that specific location whilst meeting the same overall security
requirement as the 2.4m chain-link fence.
Based on results of the STRA.
Vehicle control barriers should be installed to control access of vehicles on and off the site. These should be sited to facilitate the
vehicle and load monitoring requirements required at the site.
Counter Unmanned Aerial Systems
Based on results of the STRA.
Blast Protection
Based on results of the STRA.
Ballistic Protection
Based on results of the STRA.
Security Door Sets
Doors that are access controlled should conform to a minimum standard of EN1630 RC2 or PAS 24 or equivalent.
Doors required to provide specific security protection to sensitive materials, sub-stations or information should be rated to a
minimum of LPS 1175 B3 or equivalent.
Security Glazing
Glazing that is easily accessible (below 2.0m) should be protected from impact damage through the fitting of grills or a bar system.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 88 OF 3 11
Infrastructure
Security Requirement
Manual Locks
Manual gates shall be secured with a padlock with a minimum Grade 4 rating under BS EN 12320.
Buildings secured by a manual lock should have a minimum Grade 5 rating under BS EN 12320.
Valuable items such as cash and information classified as confidential or higher should be stored in secure containers.
Safes
Safes should be of one-piece construction, burglar and fire-proof to protect against all types of attack for a minimum of four hours.
Lightweight safes should be bricked or cemented into position or securely bolted to the floor. A key may secure them, but a
combination / electronic lock is preferred.
Lockable Cabinets
Security standard furniture should be metal construction, and its component parts should be welded rather than riveted. Hinges and
hinge pins should be protected against attack. Locks can be either key or combination types.
Security Control Rooms &
Monitoring Points
All systems to be integrated to the NEOM Master Security Control Centre.
HVAC and Ducting
Based on results of the STRA.
Local monitoring points to be provided.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 89 OF 3 11
C3: Construction Site Security Audit Checklist
#
Question
Yes
No
N/A
Comment
Construction Site Security
1
Does the NEOM Public Safety Department and the construction site manager have
a copy of the construction site security policy?
2
Has the security policy been communicated to all employees and contractors in
writing with a supporting letter or note from the contractors management team?
3
Is the construction site security policy emphasized during new employee orientation
and inductions?
4
Do periodic written communication or posters support it?
5
Does the facility have an existing and current security plan?
6
What is the date of the plan?
7
Does the facility security office maintain a current listing of NEOM security
regulations and references?
8
Does the security plan cover:
•
Fire.
•
Explosions.
•
Crises / disturbance.
•
Terrorist threat.
•
Sabotage.
•
Bomb incidents.
•
Natural disasters.
•
Illegal Activity.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 90 OF 3 11
#
Question
Yes
No
N/A
Comment
Responsibility
9
Is a security manager designated and named in writing for the facility construction
site?
Has the facility manager received formal security training?
10
Does the facility manager keep and comply with all currently applicable security
policies and procedures, such as those that apply to information security, personal
protection, travel security, and business ethics?
11
Does the security officer/manager conduct a physical security survey at least
annually?
12
Do all members assigned to the facility (including contractors, government, military)
receive security briefings/updates?
Security Guard Force
Construction Site Security Manager
13
Name
14
Date of appointment?
15
Normal working hours?
16
On Call After Hours?
17
Chain of Reporting: immediate manager?
18
Is the manager normally responsible for Guard force administration?
19
Is the manager normally responsible for Guard force duties?
Security Shift Supervisors
20
Working Hours
21
Is there 24 hour coverage?
22
Is he responsible for Guard Force Operations including:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 91 OF 3 11
#
23
Question
•
Access Control
•
Inspection, Control and Monitoring Duties
•
Reporting Methods
Yes
No
N/A
Comment
Does he maintain records of
•
Training and Drills
•
Breaches of Security
•
Security communications
•
Other specific duties
Guard Force Duties and Procedures
24
Is the construction site Guard Force a direct hire force or a contract company?
25
If contract guards, have they been individually vetted?
26
Total number of the guard force?
27
Total number of posts?
•
Working Hours
•
After hours
28
Average hours worked by security guards per week?
29
How many guards are working per shift:
•
Day shift:
•
Night shift
30
What is the size of the guard force dedicated to gates and the perimeter of the
construction site?
31
Have security personnel been trained in procedures for the implementation of
emergency and disaster plans for their activities?
32
Have they received pre-assignment training in:
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 92 OF 3 11
#
Question
Yes
•
Division of powers between the NEOM security management team and the
police force?
•
Security equipment and procedures?
•
Safety and Fire regulations?
•
Fire-fighting procedures?
•
CPR?
•
Basic First Aid?
33
Are the guards provided with written construction site instructions that cover all
aspects of their duties?
34
Are security force personnel inspected an debriefed by a supervisor prior to
reporting to their posts of duty?
35
Once on the site, is training given concerning:
•
Regulations that apply to the construction site?
•
Specific job duties?
•
Layout of the installations and offices, to include vulnerable points such as
unsecure or hazardous areas?
•
The use and maintenance of security equipment?
•
Safety and fire regulations?
•
Emergency devices such as back-up generators, uninterrupted power supply
systems, control switches, emergency lighting, and emergency radio and
telephones?
36
Are periodic examinations/ drills conducted to ensure maintenance of guard training
standards?
37
Do supervisors inspect each post / patrol /activity at least once each shift?
38
Is this on a random or scheduled basis?
DOCUMENT CODE: NEOM-NSE-PRC-001
No
N/A
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
Comment
PAG E 2 93 OF 3 11
#
Question
39
Is an updated copy of written instructions available at all times to security guards on
duty?
40
Is there a logbook in which the following are reflected?
•
Supervisory visits.
•
Shift changes.
•
Incidents / occurrences.
•
Special instructions.
Yes
41
Does the person responsible for security on site review the logbook on a regular
basis?
42
Are the standards of recruitment, training and supervision by the contract security
firm satisfactory?
43
Is supervision of the guard force adequate?
44
Are there written procedures, in the post for the following:
•
Post responsibilities
•
Individual responsibilities
•
Access Controls
•
Response to threats / incidents
•
Maintaining critical operations
•
Specific post-orders
•
Evacuation
•
Fire
•
Interface with other agencies
•
Security patrol information
•
After hours/ week-end reporting procedures
•
Records of security incidents
DOCUMENT CODE: NEOM-NSE-PRC-001
No
N/A
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
Comment
PAG E 2 94 OF 3 11
#
Question
45
Do the guards know how to respond when alarms are activated?
46
Do security guard patrol internally?
•
By vehicle
•
On foot
•
Working Hours
•
Night shifts
Yes
47
Are guards equipped with radio-communications for their patrol?
48
Is there an adequate system of supervision and monitoring of patrols?
49
Have direct communications with local municipal fire and police headquarters been
established?
No
N/A
Comment
Communications
50
Is there an auxiliary power supply for communication with each element of the
security force?
51
What is the alternate means of communication?
Security Awareness Program
52
Does a Security Awareness Program exist for the construction facility?
Security Drills
53
Have some emergency drills been organized and implemented on the construction
site?
Which of the following topics were used:
54
•
Medical emergency
•
Bomb threat
•
Bomb search
•
Suspect letter/parcel
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 95 OF 3 11
#
Question
•
Building evacuation
•
Workplace violence
•
Elevator entrapment drill
•
Civil disturbance
Yes
No
N/A
Comment
Key Control
55
Is a key register maintained? Under which form?
•
Excel Spreadsheet?
•
Log Book?
Personnel Issues
56
Are background screening procedures used?
57
When an employee is leaving, are there measures in place to verify that all identity
cards, credit cards, tools, documents, and other forms of company property have
been returned?
Disaster Recovery
58
Does the site have a disaster recovery plan?
59
Is there a crisis management plan?
60
Do all personnel involved in the crisis management plan know their role?
61
Has the crisis management plan been tested, reviewed, updated and simulated?
Administration of ID Cards
62
Are cards disabled or recuperated when the employee is on leave or terminates?
63
Are retrieved cards appropriately destroyed?
64
Is there a procedure in place to collect contractors’ cards at the end of their
contract?
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 96 OF 3 11
#
Question
Yes
65
Is there a procedure to inform access control points that a card has been lost or
stolen?
66
Is all security system data backed up regularly?
No
N/A
Comment
Information Protection
67
Has a threat assessment been made as to which departments produce or receive
sensitive documents that are likely to be of interest to third parties?
68
Has management ensured that employees have the correct storage for classified
documents? Are office and desk keys kept in key safes?
69
Is the information security policy regularly reviewed?
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 97 OF 3 11
C4: Perimeter Fence Specification
Specification Section Chain Link Fences and Gates (Type I-V)
Products
System Description:
•
Conform to CLFMI PM 2445 for the specified use.
•
Provide chain link fence and gates, fabric, fabric coating, Posts and Tension wires in accordance with the standard detail drawings provided for Type I- V.
•
Provide framework, fabric, accessories and gates in accordance with ASTM F567.
•
Fence heights as indicated with top rail, bottom tension wire, and three strands of barbed wire projecting outward and inward at top.
•
Gates:
o
Residential: Provide gates in accordance with ASTM F654.
o
Industrial and Commercial:
▪
Provide swing gates in accordance with ASTM F900.
▪
Provide horizontal slide gates in accordance with ASTM F1184.
Fence fabric:
•
Galvanized Steel
o
•
Galvanized steel chain-link fabric conforming to ASTM A392, with Class 2 zinc coating 610 grams of zinc per square meter of uncoated wire surface;
Fabric woven in 50 mm mesh from No. 9 gauge wire in a 2.4 m height with barbed selvages top and bottom.
Coloured PVC-coated steel fabric with galvanized and factory-painted steel posts, hardware, and fittings.
o
Fabric woven in 50 mm mesh from PVC coated wire in a 2.4 m height with barbed selvages top and bottom. PVC coating thermally fused and bonded
over galvanized plastic primed commercial quality steel wire with minimum coating thickness of 7 mils. Coated wire 9-gauge with minimum breaking
strength of 545 kg. Colour to be selected to match total fence system (1.22 g of zinc per square. meter. of surface).
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 98 OF 3 11
Barbed Wire and Support Arms:
•
Galvanized steel barbed wire consisting of three or six strands of twisted No. 12-1/2 gauge wires with 4-point barbs spaced 80 mm apart and conforming
to ASTM A121, with Class 3 zinc coating minimum of 244 g of zinc coating over each square meter of uncoated wire surface for No. 12-1/2 gauge wire).
•
Colour matched PVC coated galvanized steel wire, consisting of three or six strands of twisted No. 11 gauge wires with No. 14 gauge, 4-point vinyl coated
aluminium alloy barbs spaced 80 mm apart.
•
Support arms projecting outward and/or inward, from top of posts, at 45 degrees and capable of withstanding 890 N downward pull on outermost end of
arm, without failure. Arms with provision for attachment of three or six strands of evenly spaced barbed wire and integral with post top weather caps with
holes for passage of top rail at intermediate posts.
Tension wire:
•
No. 7-gauge coil spring steel wire with galvanized finish having minimum of 244 g of zinc coating over each square meter of uncoated wire surface.
•
Colour matched PVC coated No. 6 gauge outside diameter, zinc coated coil spring steel wire having 0.40 oz of zinc coating per sq. ft. of wire surface.
Tie Wires:
•
Tie wires, for fastening fence fabric to line posts and rails, not less than No. 6 gauge aluminium wire.
•
Tie wires, for fastening fence fabric to line posts and rails, not less than 9 gauge (outside diameter) colour matched PVC coated galvanized steel wire.
Line Post:
•
60.3 mm outside diameter steel pipe weighing not less than 5.4 kg/m, or 47.6 mm high carbon steel H-beams weighing not less than 4.0 kg/m, unless
indicated otherwise on the drawings.
End, Corner, and Pull Posts:
•
73 mm outside diameter steel pipe weighing not less than 8.6 kg/m, or 63.5 mm square steel tube weighing not less than 7.6 kg/m, or 89 mm by 89 mm
roll-formed, steel corner section weighing not less than 7.6 kg/m, unless indicated otherwise on the drawings.
Gate Posts:
•
73 mm outside diameter steel pipe and gate posts, for gate leaves up to and including 1.8 m wide, weighing not less than 8.6 kg/m., or 63.5 mm square
steel tube weighing not less than 7.6 kg/m., or 89 mm by 89 mm roll-formed, steel corner section weighing not less than 7.6 kg/m, unless indicated
otherwise on the drawings.
•
100 mm outside diameter steel pipe, gate posts for gate leaves over 1.8 m wide and up to and including 4 m wide and weighing not less than 13.5 kg/m,
unless indicated otherwise on the drawings.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 2 99 OF 3 11
•
168.3 mm outside diameter steel pipe, gate posts for gate leaves over 4 m wide and up to and including 5.5 m weighing not less than 28.2 kg/m, unless
indicated otherwise on the drawings.
Railings:
•
41.3 mm outside diameter steel pipe with minimum weight of 3.4 kg/m or 41.3 mm by 31.8 mm, 14-gauge roll-form section, for top railing and railings for
top middle and bottom braces between terminal posts and adjacent line posts, unless indicated otherwise on the drawings.
Truss:
•
9.5 mm diameter steel rod diagonal truss braces between terminal and adjacent line posts and for gate framework, unless indicated otherwise on the
drawings.
Fittings:
•
Heavy-duty malleable iron or pressed steel fittings of suitable size to produce strong construction.
Stretcher Bars:
•
Flat bars with minimum cross section dimensions of 6.4 mm by 19 mm, full height of fabric, secured with bar bands of minimum 11-gauge sheet steel,
spaced approximately 380 mm) on centres and bolted with 9.5 mm diameter bolts, for attaching fabric to terminal posts, unless indicated otherwise on the
drawings.
Gate Leaf Framework:
•
47.6 mm outside diameter steel pipe weighing 4 kg/m, minimum, unless indicated otherwise on the drawings.
Gate Hinges:
•
Heavy pattern of adequate strength for gate size, with large bearing surfaces for clamping or bolting in position.
Latch:
•
Gates with suitable latch, accessible from both sides and with provision for padlocking.
Concrete Footings:
•
Class B concrete.
Grout:
•
One-part Portland cement and three parts of clean, sharp, well-graded sand with minimum water for proper workability for posts set in solid rock.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 00 OF 3 11
Accessories:
•
Steel pipe dimensions and weights: ASTM A53/A53M, Schedule 40. Dimensions specified are nominal pipe sizes.
•
Dimensions and weight tolerances: Plus or minus 5 percent.
•
Zinc Coating: Minimum 610 grams per square meter.
•
Provide posts with tops of same material and designed to fit securely over post and carry top rail. Carry apron around outside of post at base of top fitting.
•
Ferrous metal fittings, posts, fence, gate framework, and accessories galvanized with heavy coating of 610 g/m2 pure zinc spelter per square foot or
surface area to be coated. Use hot-dip process. Thinner zinc coatings, electro-galvanizing, zinc paint or cold galvanizing compounds not used as
substitute for hot-dipped galvanized finish not acceptable.
•
Fabricate and weld before hot-dip galvanizing. Weld conforming to American Welding Society standards.
•
Hot-dip galvanized gate frame, after welding, if bolted or riveted corner fittings not used.
•
Galvanize fittings, posts, fence and gate framework, and accessories, then epoxy phenolic primed and top coated with matching PVC, using thermal bond
process.
•
Single and double leaf swing gates with centre bolt, centre stop, and automatic backstops.
•
Cantilever sliding (rolling type) gate complete with latch, stop, keeper, rollers, heavy duty roller track, and 3 strands of barbed wire installed vertically
above fabric and electrically operated.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 01 OF 3 11
Details – Fence Type (I – V)
Type
Category
Fabric
Wire
Fabric
Ground
Clearance
Concrete
Anchor
Rail
Tension
Wire
Barbwire
V Type
Extension
Arm
Brace
Post
Ht.
Brace Post
Option
(A)
I
High
Chain Link
(Gal)
2400
25mm
Tie fabric to
anchor at
600mm
TOP
Nil
6 Strands
Double
1500
All posts
Buried
Skirt
600mm
II
Medium High
Chain Link
(Gal)
2400
25mm
Nil
TOP
Bottom
6 Strands
Double
1500
All posts
Buried
Skirt
600mm
III
Medium
Chain Link
(Gal)
2400
25mm
Nil
Nil
Top/Bottom
6 Strands
Double
1500
Uninterrupted
fence runs
Buried
Skirt
600mm
IV
Medium Low
Chain Link
(Gal)
2400
25mm
Nil
Nil
Top/Bottom
3 Strands
Single
1500
Uninterrupted
fence runs
Nil
V
Low
Chain Link
(Gal)
2400
25mm
Nil
Nil
Top/Bottom
Nil
Nil
1500
Uninterrupted
fence runs
Nil
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 02 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 03 OF 3 11
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 04 OF 3 11
Annex D: Site Categorization Matrix
Site Categorisation Matrix
The following Annex sets out the Site Categorisation Matrix which has been developed to assist the Designer in undertaking their assessment of the Site. The
categorisation will determine the following elements:
•
•
•
Protection Group
o
Baseline
o
Enhanced
o
Restricted
Site Classification
o
Industrial
o
Non-Industrial
Design Route
o
Standard
o
Fast-Track
In line with the process outlined with Section 4, the designer along with the facility proponent should make an assessment and recommendation to the NEOM
Public Safety Department as to what Category the site should be. This recommendation will be informed by the STRA and guided by the questions set out
within this Annex.
The following questions are intended to guide the Designer to consider the relevant factors that will influence the Site Categorisation recommendation.
While all guidance questions can be used to inform each of the three elements that make up the Site Categorisation, to assist the Designers the questions
have been split into the following categories.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 05 OF 3 11
Protection Group
#
Question
Response
1
If the site was to become offline or disabled, what impact could this have to the NEOM region?
(i.e. would it be felt beyond the local / individual community)?
2
What level of disruption would the loss of operation cause locally?
3
How easily can the site, or assets, be damaged or disrupted?
4
What level of redundancy is there for the function of this site?
5
What is the maximum tolerable downtime of the site that is allowable?
6
How easily can critical elements of the site be replaced to minimize loss or function?
7
How is the site used?
8
Are there likely to be large crowded publicly accessible areas created at this site?
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 06 OF 3 11
Site Classification (Industrial or Non-Industrial)
#
9
Question
Response
Will the chosen site be connected with any of the following
sectors:
•
Petroleum
•
Electrical Power & Distribution
•
Petrochemical
•
Water
•
Industrial Services
•
Communications
•
Mining
•
Gas
•
Civil Explosives
•
Chemical Manufacturing
•
Ports
•
Railroads
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 07 OF 3 11
Design Route
#
Question
10
Is the site protection group assessed as either Enhanced or
Restricted?
11
•
If yes, only the Standard design route can be undertaken.
[Check this].
•
If no, and site is assessed as Baseline, then Fast-Track is
possible.
Response
What is the planned lifecycle of this site?
•
If less than 4 months, the fast track route can be
considered.
12
Will the design utilise an off-site pre-fabricated unit?
13
Will the design require the incorporation of multiple elements?
Designer Recommendation
Following the STRA and Site Categorisation Assessment, the Designer should make a formal recommendation to the NEOM Public Safety Department who
shall then review and confirm what Protection Group, Site Classification and Design Route should be assigned.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 08 OF 3 11
Annex E: Security Manual Contents
Introduction
Aligned to achieving this is the need for a minimum baseline for security management and operations.
An essential part of this is the development by each site of a Security Management Plan or Manual.
The minimum information required in the Security Manual is outlined below.
The Security Manual shall be reviewed on the following basis:
•
A minimum of every 6 months.
•
Following a major security incident.
•
When the STRA is amended.
Security Manual Contents
Facility Security Plan (FSP)
In addition to the following main components of FSP, FSP shall provide the FO with the requirements
for SCR and a method to identify and implement required changes, enhancements or improvements
to the facility security posture.
•
Physical protection measures (infrastructure & security systems design).
•
Security program for upgrades, enhancements or improvements to existing security components
or infrastructure as recommended in the STRA.
•
Security organization structure. (Organization chart & personnel list)
•
Competency & Training of Security Personnel:
•
o
Analyze Training Requirements/needs
o
Design Training program (example Formal, Refresher, Equipment, On the Job etc)
o
Develop Security Training program (Training syllabus, Instructor manuals, Training
schedules, Training manuals, and audio visuals) for Security Staff
o
Security Awareness Training for employees
o
Induction of new employees
o
Introduction of security requirements in the safety induction on site for visitors and
contractors.
Maintenance & Support Program (MSP); for security infrastructure & systems and equipment:
o
Define Maintenance Requirements.
o
A maintenance plan for Preventive Maintenance and Remedial Maintenance.
Security Management Policy
Standing Operating Procedures (SOPs)
SOPs shall include, but not be limited to the following:
•
Physical Security Procedures:
o
Access Control.
o
ID Card Procedures.
o
Visitors.
DOCUMENT CODE : NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 09 OF 3 01
•
•
•
•
o
Contractors.
o
Vehicle Entry Permits.
o
Material Control.
o
Key Control.
Information Security & Cybersecurity:
o
Information protection.
o
Document Control & Document Security.
o
Photography permits.
o
Laptop & IT permits.
Security Management Procedures:
o
Security Reports (i.e. Daily).
o
Security Statistics and Performance Measurement.
o
Security Incident & Threat Reporting & Investigations.
o
Contraband items.
o
Pre-employment screening and background checks.
o
Weapons (Firearms) Control (Handling and Storage).
o
Communication with Security Services Contractors and Suppliers.
o
Waiving of Standard Security Procedures.
o
Monitoring Procedures.
o
Test Procedures.
o
Alarm Assessment Procedures.
o
Dispatch Procedures.
Specific Security Incidents:
o
Emergency Planning (Emergency Response for Security Personnel).
o
Response to Bomb Threat.
o
Dealing with suspicious parcels.
o
Dealing with “Lost and Found” Items.
o
Vehicle Accidents.
o
Workplace Violence, threats, intimidation, and other misconduct.
o
Security Alert Levels.
o
Security Breaches – Illegal document copying/removals etc.
Site Security Forms:
Example forms are listed below. Exact number and type of forms, if required, shall be coordinated
with NEOM Public Safety Department.
o
SSF-01 Visitor’s Application Form
o
SSF-02 Departmental Authorized Signatory Form
o
SSF-03 Request for ID Card Form
o
SSF-04 Temporary Entry Permit Form
o
SSF-05 Reporting Loss of ID Card Form
o
SSF-06 Vehicle Entry Permit Application Form
o
SSF-07 Material & Equipment Gate Pass
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 10 OF 3 11
o
SSF-08 Security Post Report
o
SSF-09 Shift Report
o
SSF-10 Daily Security Report Form
o
SSF-11 Security Incident Report Form
o
SSF-12 Bomb Threat Information Form
o
SSF-13 Equipment/Waste removal permit – Permanent transfer/Dispose/Repair –Return.
Security Post Orders/Assignment Instructions (Responsibilities & Job Description)
•
General Instructions.
•
Superintendent of Security – accountable for Security and its Governance at the site.
•
Security Supervisor.
•
Security Shift Captain.
•
Gate Security Staff.
•
Security Patrol Staff.
•
CCTV Operator.
•
Visitor/Reception Security Staff.
•
Security Control Centre Operator.
•
X-Ray Checkpoint Security Staff.
•
Foot Patrolling.
•
Mobile Patrolling.
•
Security Staff Turnstile Gate.
•
Security Staff Material Department Gate.
•
Security Staff Admin Building Reception.
DOCUMENT CODE: NEOM-NSE-PRC-001
REVISION CODE: 01.00
©NEOM [2022]. All rights reserved.
PAG E 3 11 OF 3 11