Building Information Modelling and security
Building Information Modelling (BIM) is the next evolution in building design and operation. BIM processes and technology are increasingly adopted by property developers, owners and building operators due to the significant commercial and operational advantages they offer, as well a government mandate for application in centrally-procured public projects.
Security design for the built environment involves construction and fit-out projects with varying levels of BIM adoption. Those at the forefront in this field naturally develop design capabilities into BIM but must remain mindful of the potential security risks of uncontrolled sharing of building information. This article describes some of the benefits and risks associated with BIM for the security of a building or organisation.
What is BIM?
Unless you are involved or about to be involved in a construction project, you may not have come across the term. Even if you have, there are varying definitions of this emerging combination of process and technology. My favourite definition to lead into the benefits and risks for security professionals comes from NBS, one of the bodies leading the standardisation of BIM: “[BIM is] simply the means by which everyone can understand a building through the use of a digital model.”
Depending on the perspective of the reader, BIM can be either an enhancement of 3D Computer Aided Design (CAD) to include more information and automate some design tasks, or a total paradigm shift in the construction and engineering industries. For the security professional it can be both an incredible tool for designing security into new buildings and collaborating with other specialists, and at the same time a potential source of risk when the sharing of sensitive information is not controlled.
What are the benefits of BIM for security professionals?
In a typical construction project, say a new corporate HQ, there will be a senior security management representative on the client side and a security consultancy on the design team side. If BIM is fully adopted and appropriately used then there will be significant benefits to both the security designer and the client security design stakeholder who will ultimately be responsible for the security of the completed building.
For security consultants the main benefits are similar to those for other design team specialists, such as modelling of security-specific elements including realistic views from CCTV cameras; automated ‘clash detection’; verification of the design in a virtual environment; ease of coordination with other specialists; speed of quantification and cost control tasks; and of course, more effective presentation to the client and other stakeholders.
For security managers, depending on the level of BIM expertise in the wider design team, and the security consultant in particular, there can be significant benefits not only during design but in operation of the completed building. Stakeholders can be more easily involved in the project to a greater depth, and their requirements and changes incorporated more easily.
These are the commonly discussed selling points of BIM adoption, but as the level of detail captured in the model increases, so does the potential for more intelligent analysis and interpretation, which we are beginning to see with, for example, energy modelling.
In the security design space BIM data provides an opportunity to change the way in which risks are identified and how mitigation techniques are measured effectively. At the simple end of the scale this may be providing a client with photorealistic 3D CCTV coverage maps; the tools to allow this basic overlay are already freely available from reputed manufacturers. Such simple tools provide an immediate enhancement to a security designer’s capability but there is potential to look further ahead to explore exciting opportunities for innovative client interaction, design and post occupancy support.
As an example, the criticality of spaces may be inferred using COBIE (Construction Operations Building Information Exchange) information already captured in the BIM model, allowing a designer to better prioritise the application of physical and technical security.
Once the building is in use, live usage statistics from the installed security devices could be used in combination with BIM model information to allow accurate failure prediction and more efficient and cost-effective maintenance contracts. As the quantity of information captured within BIM models continues to grow, security designers will increasingly be expected to demonstrate modelling, programming and analysis capability to allow clients to visualise their building.
What are the risks?
There are currently some immediate risks to entering into a fully BIM-designed construction project when compared to a ‘traditional’ CAD-based approach. These are essentially centred on the emerging nature of BIM and include additional effort on behalf of the client to get up to speed with BIM tools and capabilities, and the fact that not all design disciplines or specialists within a discipline are yet equally competent in understanding BIM, using the associated tools or maximising the benefits for the client.
These early adoption issues are beginning to disappear as the construction industry more widely adopts and implements BIM, and as standards continue to be developed. The post Security Minded Approach to Digital Engineering on the CPNI website provides guidance on latest standards.
This takes the reader through a process which allows the benefits of BIM to still be achieved, but introduces an appropriate and proportionate need-to-know approach in relation to the sharing and publication of information that could be exploited by those with hostile or malicious intent.
This process creates a new role, the Built Asset Security Manager (BASM), whose functions will exist not only during a project, but over the lifetime of the asset. Using combined knowledge of security and BIM, the role will be responsible for providing a holistic view of the security issues and threats to be addressed, as well as taking ownership for, and assisting in, the development, auditing and review of the resultant policies, processes and procedures.
For example, the BASM should set and manage the rules that ensure the entire design team does not receive access to the CCTV programming and configuration information.
In our recent experience, the inclusion of this standard in project BIM protocols has been inconsistent; however, the adoption of a security-minded approach should be considered in: the construction of new assets; the modification, fitting-out and maintenance of those already existing; the collection of asset information; the introduction of new building management systems; and when considering potential relocation options or disposal of assets.
Security professionals have an opportunity to drive the use of BIM in construction and fit-out projects for the good of our sector. While the processes, tools and standards used in designing and operating buildings using BIM models are developing, we can drive both the expectations of security design information and collaboration and the requirements that are placed on the secure management of building information.
While the adoption of BIM on projects and the extent to which its capabilities are used varies tremendously, this is the time for security managers to explore BIM’s benefits and for security consultants to plan to exceed their clients’ expectations. As dynamic users of a building, and one of the few who consider not just steady state but exception operation, we should be leading proponents of a technology that can help us to get things right first time and to understand the impact of new threats and opportunities as they emerge.
(updated CPNI links in May 2022)