UNITED24 - Make a charitable donation in support of Ukraine!


Chapter 2

The Systems Approach

Commanders must ensure that appropriate physical-security measures are taken to minimize the loss of personnel, supplies, equipment, and material through both human and natural threats. Commanders commonly exercise those protective responsibilities through the provost marshal (PM) and/or physical-security officer and the force-protection officer. The force-protection officer must coordinate with several different agencies to complete his mission. For example, the Army's Intelligence and Counterintelligence Program (see Appendix C ) provides information that will be used to complete the unit's crisis-management plan (see Appendix D).

Protective Systems

2-1. The approach to developing protective measures for assets should be based on a systematic process resulting in an integrated protective system. The protective system focuses on protecting specific assets against well-defined threats to acceptable levels of protection. The system is organized in-depth and contains mutually supporting elements coordinated to prevent gaps or overlaps in responsibilities and performance.

2-2. Effective protective systems integrate the following mutually supporting elements:

  • Physical protective measures, including barriers, lighting, and electronic security systems (ESSs).
  • Procedural security measures, including procedures in place before an incident and those employed in response to an incident. (These include procedures employed by asset owners and those applied by and governing the actions of guards.)
  • Terrorism counteraction measures that protect assets against terrorist attacks.

2-3. The following determinations are made when considering system-development procedures:

  • The resources available.
  • The assets to be protected.
  • The threat to those assets.
  • The risk levels applicable to those assets.
  • The applicable regulatory requirements for protecting the assets.
  • The applicable level of protection for those assets against the threat.
  • Additional vulnerabilities to the assets (based on the threat).

Systems Development

2-4. AR 190-51, DA Pamphlet (Pam) 190-51, and Technical Manual (TM) 5-853-1 are useful tools for developing protective systems using the systems approach. The key to applying these tools successfully is to use a team approach. A team may include physical-security, intelligence, and operations personnel; the installation engineers; and the user of the assets. It may also include representatives from the multinational, host-nation (HN), and local police as well as the regional security office from the embassy.


2-5. Protective systems should always be developed for specific assets. The goal of security is to protect facilities and buildings and the assets contained inside. The risk-analysis procedure in DA Pam 190-51 is used to identify assets. This procedure is applied to all mission-essential or vulnerable areas (MEVAs) according to AR 190-13. It represents the majority of assets with which DOD is commonly concerned. These assets include—

  • Aircraft and components at aviation facilities.
  • Vehicle and carriage-mounted or -towed weapons systems and components at motor pools.
  • Petroleum, oil, and lubricants (POL).
  • Controlled medical substances and other medically sensitive items.
  • Communication and electronics equipment; test, measurement, and diagnostic equipment (TMDE); night-vision devices (NVDs); and other high-value precision equipment and tool kits.
  • Organizational clothing and individual equipment stored at central-issue facilities.
  • Subsistence items at commissaries, commissary warehouses, and troop-issue facilities.
  • Repair parts at installation-level supply activities and direct-support (DS) units with authorized stockage lists.
  • Facilities-engineering supplies and construction materials.
  • Audiovisual equipment, training devices, and subcaliber devices.
  • Miscellaneous pilferable assets (not included above) and money.
  • Mission-critical or high-risk personnel.
  • General military and civilian populations.
  • Industrial and utility equipment.
  • Controlled cryptographic items.
  • Sensitive information (included in TM 5-853-1, but not included in DA Pam 190-51).
  • Arms, ammunition, and explosives (AA&E).
  • Installation banks and finance offices.

Risk Levels

2-6. DA Pam 190-51 provides a procedure for determining risk levels—assessing the value of the assets to their users and the likelihood of compromise. These factors are assessed by answering a series of questions leading to value and likelihood ratings.

2-7. Asset value is determined by considering the following three elements:

  • The criticality of the asset for its user and the Army as a whole.
  • How easily the asset can be replaced.
  • Some measure of the asset's relative value.

2-8. The relative value differs for each asset. For some assets, the relative value is measured in terms of monetary cost.

2-9. The likelihood of the threat is assessed for each applicable aggressor category by considering the asset's value to the aggressor, the history of or potential for aggressors attempting to compromise the asset, and the vulnerability of the asset based on existing or planned protective measures.

Regulatory Requirements

2-10. The risk level is the basis for determining the required protective measures for assets covered in AR 190-51. For each asset type, there may be physical protective measures, procedural security measures, and terrorism counteraction measures. These measures are specified by risk level. The measures identified in AR 190-51 are the minimum regulatory measures that must be applied for the identified threat level. The minimum regulatory measures for AA&E are based on the risk category established in AR 190-11.

Antiterrorism/Force-Protection construction standards

2-11. In accordance with DOD Instruction 2000.16, the commanders in chief (CINCs) have developed standards for new construction and existing facilities to counter terrorism threat capabilities within the area of responsibility. These construction standards have specific requirements for such measures as standoff distance, perimeter barriers, building construction, and parking. The DOD construction standard provides for minimum standards that must be incorporated into all inhabited DOD structures regardless of the identified threat. These standards provide a degree of protection that will not preclude the direct effects of blast but will minimize collateral damage for buildings and people and will limit the progressive collapse of structures. These standards add relatively little cost, may facilitate future upgrades, and may deter acts of aggression. (All services have adopted common criteria and minimum standards to counter antiterrorism/force-protection [AT/FP] vulnerabilities and terrorism threats.) Protection to identified threat levels is described in the following paragraphs. Physical-security personnel must be familiar with the CINC and DOD AT/FP construction standards because these standards may affect elements of physical-security plans and how individual facilities are secured.

ThreaT identification

2-12. The threat must be described in specific terms to help determine the assets' vulnerabilities or to establish protective measures. This description should include the tactics that aggressors will use to compromise the asset (weapons, tools, and explosives are likely to be used in an attempt). For example, the threat might be described as a moving vehicle bomb consisting of a 4,000-pound vehicle containing a 500-pound explosive. Another example would be a forced-entry threat using specific hand, power, or thermal tools. These types of threat descriptions (called the design-basis threat) can be used to design detailed protective systems to mitigate the attacks. TM 5-853-1 and DA Pam 190-51 contain procedures for establishing design-basis threat descriptions in the format described above. These procedures can be used together or separately. Threats listed in the TM will be summarized later in this chapter. When using the TM as a lone source or in conjunction with DA Pam 190-51, the following actions occur:

  • When the TM process is used alone, the user goes through an identical process to that in DA Pam 190-51 up to the point where the risk level would be determined. In TM 5-853-1, the value and likelihood ratings are used differently than in DA Pam 190-51. The likelihood rating is used to determine the weapons, tools, and explosives that will be used by a particular aggressor in carrying out a specific tactic. In this procedure, higher likelihood ratings result in more severe mixes of weapons, tools, and explosives. The assumption is that the more likely the attack, the more resources the aggressor is likely to use in carrying out the attack.
  • When the procedure in TM 5-853-1 is used in conjunction with the results of the DA Pam 190-51 risk analysis, the likelihood rating is taken directly from the risk analysis and applied as described above.

Level of Protection

2-13. The level of protection applies to the design of a protective system against a specified threat (for example, a bomb, breaking and entering, pilfering, and so forth). The level of protection is based on the asset's value rating from either DA Pam 190-51 or TM 5-853-1. The level increases as the asset's value rating increases. There are separate levels of protection for each tactic. TM 5-853-1 provides detailed guidance on how to achieve the levels of protection, and Chapter 3 of this manual provides a summary of the levels of protection as they apply to various tactics.


2-14. Vulnerabilities are gaps in the assets' protection. They are identified by considering the tactics associated with the threat and the levels of protection that are associated with those tactics. Some vulnerabilities can be identified by considering the general design strategies for each tactic described in TM 5-853-1 and as summarized in Chapter 3 of this manual. The general design strategies identify the basic approach to protecting assets against specific tactics. For example, the general design strategy for forced entry is to provide a way to detect attempted intrusion and to provide barriers to delay the aggressors until a response force arrives. Vulnerabilities may involve inadequacies in intrusion-detection systems (IDSs) and barriers. Similarly, the general design strategy for a moving vehicle bomb is to keep the vehicle as far from the facility as possible and to harden the facility to resist the explosive at that distance. Vulnerabilities may involve limited standoff distances, inadequate barriers, and building construction that cannot resist explosive effects at the applicable standoff distance.

Protective Measures

2-15. Where vulnerabilities have been identified, protective measures must be identified to mitigate them. AR 190-13, AR 190-51, DA Pam 190-51, and TM 5-853-1 are effective tools for developing protective measures. The key to effective development of protective systems is a partnership between physical-security personnel and the installation engineers. Appendix E of this manual discusses information for office security, which should be listed in the physical-security plan (see Appendix F). Appendix G discusses personal-protection measures.

The Integrated Protective System

2-16. Protective systems integrate physical protective measures and security procedures to protect assets against a design-basis threat. The characteristics of integrated systems include deterrence, detection, defense, and defeat.


2-17. A potential aggressor who perceives a risk of being caught may be deterred from attacking an asset. The effectiveness of deterrence varies with the aggressor's sophistication, the asset's attractiveness, and the aggressor's objective. Although deterrence is not considered a direct design objective, it may be a result of the design.


2-18. A detection measure senses an act of aggression, assesses the validity of the detection, and communicates the appropriate information to a response force. A detection system must provide all three of these capabilities to be effective.

2-19. Detection measures may detect an aggressor's movement via an IDS, or they may detect weapons and tools via X-ray machines or metal and explosive detectors. Detection measures may also include access-control elements that assess the validity of identification (ID) credentials. These control elements may provide a programmed response (admission or denial), or they may relay information to a response force. Guards serve as detection elements, detecting intrusions and controlling access.

2-20. Nuclear, biological, and chemical (NBC) detection systems must be used to measure and validate acts of aggression involving WMD. NBC detection systems should also be used to communicate a warning.


2-21. Defensive measures protect an asset from aggression by delaying or preventing an aggressor's movement toward the asset or by shielding the asset from weapons and explosives. Defensive measures—

  • Delay aggressors from gaining access by using tools in a forced entry. These measures include barriers along with a response force.
  • Prevent an aggressor's movement toward an asset. These measures provide barriers to movement and obscure lines of sight (LOSs) to assets.
  • Protect the asset from the effects of tools, weapons, and explosives.

2-22. Defensive measures may be active or passive. Active defensive measures are manually or automatically activated in response to acts of aggression. Passive defensive measures do not depend on detection or a response. They include such measures as blast-resistant building components and fences. Guards may also be considered as a defensive measure.


2-23. Most protective systems depend on response personnel to defeat an aggressor. Although defeat is not a design objective, defensive and detection systems must be designed to accommodate (or at least not interfere with) response-force activities.

Security Threats

2-24. Security threats are acts or conditions that may result in the compromise of sensitive information; loss of life; damage, loss, or destruction of property; or disruption of mission. Physical-security personnel and design teams must understand the threat to the assets they are to protect in order to develop effective security programs or design security systems. Historical patterns and trends in aggressor activity indicate general categories of aggressors and the common tactics they use against military assets. Aggressor tactics and their associated tools, weapons, and explosives are the basis for the threat to assets.

Threat Sources

2-25. There are many potential sources of threat information. Threat assessment is normally a military-intelligence (MI) responsibility. MI personnel commonly focus on such security threats as terrorists and military forces. Within the US and its territories, the Federal Bureau of Investigation (FBI) has primary responsibility for both foreign and domestic terrorists. The FBI, the US Army Criminal Investigation Command (USACIDC [CID]), and local law-enforcement agencies are good sources for physical-security personnel to obtain criminal threat information. Coordinating with these elements on a regular basis is essential to maintaining an effective security program.

Threat Categories

2-26. Security threats are classified as either human or natural. Human threats are carried out by a wide range of aggressors who may have one or more objectives toward assets such as equipment, personnel, and operations. Aggressors can be categorized and their objectives can be generalized as described below. (See DA Pam 190-51 and TM 5-853-1 for more information.)

Aggressor Objectives

2-27. Four major objectives describe an aggressor's behavior. Any one of the first three objectives can be used to realize the fourth. These objectives include—

  • Inflicting injury or death on people.
  • Destroying or damaging facilities, property, equipment, or resources.
  • Stealing equipment, materiel, or information.
  • Creating adverse publicity.

Aggressor Categories

2-28. Aggressors are grouped into five broad categories—criminals, vandals and activists, extremists, protest groups, and terrorists. Hostile acts performed by these aggressors range from crimes (such as burglary) to low-intensity conflict threats (such as unconventional warfare). Each of these categories describes predictable aggressors who pose threats to military assets and who share common objectives and tactics.

  • Criminals can be characterized based on their degree of sophistication. They are classified as unsophisticated criminals, sophisticated criminals, and organized criminal groups. Their common objective is the theft of assets; however, the assets they target, the quantities they seek, their relative efficiency, and the sophistication of their actions vary significantly. Vandals and activists may also be included under this category.
  • Vandals and activists are groups of protesters who are politically or issue oriented. They act out of frustration, discontent, or anger against the actions of other social or political groups. Their primary objectives commonly include destruction and publicity. Their selection of targets will vary based on the risk associated with attacking them. The degree of damage they seek to cause will vary with their sophistication.
  • Extremists are radical in their political beliefs and may take extreme, violent actions to gain support for their beliefs or cause.
  • Protesters are considered a threat only if they are violent. Lawful protesters have to be considered, but significant protective measures and procedures are not normally needed to control their actions. The presence of extremists or vandals/activists at a peaceful protest increases the chance of the protest becoming violent.
  • Terrorists are ideologically, politically, or issue oriented. They commonly work in small, well-organized groups or cells. They are sophisticated, are skilled with tools and weapons, and possess an efficient planning capability. There are three types of terrorists—CONUS, OCONUS, and paramilitary OCONUS.
    • CONUS terrorists are typically right- or left-wing extremists operating in distinct areas of the US.
    • OCONUS terrorists generally are more organized than CONUS terrorists. They usually include ethnically or religiously oriented groups.
    • Paramilitary OCONUS terrorist groups show some military capability with a broad range of military and improvised weapons. Attacks by OCONUS terrorists are typically more severe.

2-29. Natural threats are usually the consequence of natural phenomena. They are not preventable by physical-security measures, but they are likely to have significant effects on security systems and operations. They may require an increase in protective measures either to address new situations or to compensate for the loss of existing security measures. They may reduce the effectiveness of existing security measures by such occurrences as collapsed perimeter fences and barriers, inoperable protective lighting, damaged patrol vehicles, and poor visibility. Natural threats and their effects relative to security include the following:

  • Floods may result in property damage, destruction of perimeter fences, and damage to IDSs. Heavy rains or snowfalls may have similar effects even if they do not result in flooding.
  • Storms, tornadoes, high winds, or rain may cause nuisance alarms to activate and cause damage to IDSs. They may limit the visibility of security personnel and may affect closed-circuit television (CCTV) systems. Winds may also disrupt power or communication lines and cause safety hazards from flying debris.
  • Earthquakes may cause nuisance alarms to activate or may disrupt IDSs. They may also cause broken water or gas mains, fallen electrical or communication lines, and weakened or collapsed buildings.
  • Snow and ice can make travel on patrol roads difficult, may delay responses to alarms, may impede the performance of IDSs, and may freeze locks and alarm mechanisms. Heavy ice may also damage power and communication lines.
  • Fires may damage or destroy perimeter barriers and buildings, possibly leaving assets susceptible to damage or theft.
  • Fog can reduce the visibility of security forces, thereby requiring additional security personnel. It may also increase the response time to alarms and reduce the effectiveness of security equipment such as CCTV systems.

Aggressor Tactics

2-30. Aggressors have historically used a wide range of offensive strategies reflecting their capabilities and objectives. These offensive strategies are categorized into 15 tactics that are specific methods of achieving aggressor goals (see TM 5-853-1). Separating these tactics into categories allows facility planners and physical-security personnel to define threats in standardized terms usable as a basis for facility and security-system design. Common aggressor tactics include—

  • Moving vehicle bomb. An aggressor drives an explosive-laden car or truck into a facility and detonates the explosives. His goal is to damage or destroy the facility or to kill people. This is a suicide attack.
  • Stationary vehicle bomb. An aggressor covertly parks an explosive-laden car or truck near a facility. He then detonates the explosives either by time delay or remote control. His goal in this tactic is the same as for the moving vehicle bomb with the additional goal of destroying assets within the blast area. This is commonly not a suicide attack. It is the most frequent application of vehicle bombings.
  • Exterior attack. An aggressor attacks a facility's exterior or an exposed asset at close range. He uses weapons such as rocks, clubs, improvised incendiary or explosive devices, and hand grenades. Weapons (such as small arms) are not included in this tactic, but are considered in subsequent tactics. His goal is to damage the facility, to injure or kill its occupants, or to damage or destroy assets.
  • Standoff weapons. An aggressor fires military weapons or improvised versions of military weapons at a facility from a significant distance. These weapons include direct (such as antitank [AT] weapons) and indirect LOS weapons (such as mortars). His goal is to damage the facility, to injure or kill its occupants, or to damage or destroy assets.
  • Ballistics. The aggressor fires various small arms (such as pistols, submachine guns, shotguns, and rifles) from a distance. His goal is to injure or kill facility occupants or to damage or destroy assets.
  • Forced entry. The aggressor forcibly enters a facility using forced-entry tools (such as hand, power, and thermal tools) and explosives. He uses the tools to create a man-passable opening or to operate a device in the facility's walls, doors, roof, windows, or utility openings. He may also use small arms to overpower guards. His goal is to steal or destroy assets, compromise information, injure or kill facility occupants, or disrupt operations.
  • Covert entry. The aggressor attempts to enter a facility or a portion of a facility by using false credentials or stealth. He may try to carry weapons or explosives into the facility. His goals include those listed for forced entry.
  • Insider compromise. A person authorized access to a facility (an insider) attempts to compromise assets by taking advantage of that accessibility. The aggressor may also try to carry weapons or explosives into the facility in this tactic. His goals are the same as those listed for forced entry.
  • Visual surveillance. The aggressor uses ocular and photographic devices (such as binoculars and cameras with telephoto lenses) to monitor facility or installation operations or to see assets. His goal is to compromise information. As a precursor, he uses this tactic to determine information about the asset of interest.
  • Acoustic eavesdropping. The aggressor uses listening devices to monitor voice communications or other audibly transmitted information. His goal is to compromise information.
  • Electronic-emanations eavesdropping. The aggressor uses electronic-emanation surveillance equipment from outside a facility or its restricted area to monitor electronic emanations from computers, communications, and related equipment. His goal is to compromise information.
  • Mail-bomb delivery. The aggressor delivers bombs or incendiary devices to the target in letters or packages. The bomb sizes involved are relatively small. His goal is to kill or injure people.
  • Supplies-bomb delivery. The aggressor conceals bombs in various containers and delivers them to supply- and material-handling points such as loading docks. The bomb sizes in this tactic can be significantly larger that those in mail bombs. His goal is to damage the facility, kill or injure its occupants, or damage or destroy assets. Appendix H addresses the actions to take when a bomb is suspected.
  • Airborne contamination. An aggressor contaminates a facility's air supply by introducing chemical or biological agents into it. His goal is to kill or injure people.
  • Waterborne contamination. An aggressor contaminates a facility's water supply by introducing chemical, biological, or radiological agents into it. These agents can be introduced into the system at any location with varying effects, depending on the quantity of water and the contaminant involved. His goal is to kill or injure people.

2-31. The aforementioned tactics are typical threats to fixed facilities for which designers and physical-security personnel can provide protective measures. However, some common terrorist acts are beyond the protection that facility designers can provide. They cannot control kidnappings, hijackings, and assassinations that take place away from facilities or during travel between facilities. Protection against these threats is provided through operational security and personal measures (see Appendix G and Appendix I), which are covered in doctrine relative to those activities and are under the general responsibility of the CID.

Tactical Environment Considerations

2-32. When determining the assets and threats, the same considerations should be given to the systems approach in the tactical environment as when in the cantonment area. The same process of determining the assets, their risk level, and any regulatory guidance apply. Identifying potential threats and the level of protection required for the assets are necessary. Commanders and leaders must also identify additional vulnerabilities and other required protective measures. Commanders are not expected to have the same physical protective measures due to the impact of resources, budget, location, and situations.

2-33. Commanders must consider the various tactics used by aggressors and use their soldiers' abilities to counteract these tactics. Considerations for specific assets (such as military-working-dog [MWD] and explosive-ordnance-disposal [EOD] teams and their abilities to detect and disassemble a bomb) must be identified. Units must have the ability to improvise in a tactical environment. Their training and resourcefulness will compensate for shortcomings in the field.

2-34. The systems approach to security provides focus and integration of resources. Protective systems are mutually supporting and systematically developed to negate the threat. Commanders conduct an intelligence preparation of the battlefield (IPB) and vulnerability assessments (VAs) to determine risks. Security resources and measures are applied to mitigate risks and to deter, detect, defend, and defeat the threat.

Join the GlobalSecurity.org mailing list