ML20053B140

From kanterella
Jump to navigation Jump to search
To NRC Property & Supply Sys Facility Security Plan
ML20053B140
Person / Time
Issue date: 10/31/1979
From:
NRC OFFICE OF ADMINISTRATION (ADM)
To:
Shared Package
ML20053B111 List:
References
FOIA-81-409 PROC-791031, NUDOCS 8205280106
Download: ML20053B140 (32)
v  d  e


Text

{{#Wiki_filter:. _-..... -. 4 s. i 4 4 NRC PROPERTY AND SUPPLY SYSTEM l FACILITY SECURITY PLAN i J l j i i l l Facility Location: Lugenbeel Building 4922 Fairmont Avenue Room L-100 l Bethesda, MD 20014 1 Plan Submitted: October 1979 - Revision 1 8 20 5 2 8 0 tog. e-- w,---------,.----,.-,,-,---.---..--.-,,,.w_,,.._.,r-,-,--,r-, .,--..-,-u r.--..-. ...,,. - = ~., - - - -,,,, - - - - - -,,.,, -. -. -., -, - -

1. TABLE OF CONTENTS Section Pace

1. 0 INTRODUCTION.................................................

1-1

2. 0 RISK ANALYSIS................................................

2-1 2.1 Natural Disasters....................................... 2-1 2.2 Unauthorized Access..................................... 2-2 2.3 Hardware Configuration / Security Procedures.............. 2-4 1 2.4 Supporting Utility Failure.............................. 2-11 3.0 S E C U R I TY P LAN................................................ 3-1 3.1 Access Controls......................................... 3-1 3.2 Fire Controls........................................... 3-2 3.3 General Procedures...................................... 3-2 3.4 Equipment Failure / Loss Contingencies.................... 3-2 3.5 Emergency Chain of Command.............................. 3-3 3.6 Security Plan Review.................................... 3-3 APPENDIX A Floor Plans / Evacuation Routes................................ A-1 APPENDIX B Evacuation Procedures........................................ B-1 Bomb Threat Procedures....................................... B-3 l APPENDIX C Windspeed Risk Model......................................... C-1 i y- ,,m--

1.0 INTRODUCTION

OMB Circular No. A-71, Transmittal Memorandum No. I dated July 27, 1978 promulgated policy and assigned agency responsibilites for establishing computer security programs for-protection of personal, proprietary and sensitive data. The Division of ADP Support has been assigned the responsibilites of pre-paring risk analyses and appropriate security specifications. To perform the risk analyses, ADP Support has drawn considerably upon the guidelines of Federal Information Processing Standards Publications 31 and

65. However, since the probabilities of threats analyzed were such low numbers, a strict mathematical approach was not feasible.

ADP Support has analyzed potential threats and recommended appropriate security measures to greatly minimize their potential for damage. The results of the risk analysis are presented in Section 2.0, Risk Analysis. Section 3.0 details the additional protective measures recommended. l The Property and Supply System (PASS) is an on-line interactive system with minimal batch processing, all of which is under total operational control of the Property and Supply Branch, Division of Facilities and Operations Support, Office of Administration. PASS has three subsystems. The Property Subsystem is currently operational on a Data General Eclispe C330 Minicomputer. The Supply and Maintenance Subsystems are being developed to run on the same minicomputer. 1-1 - - + - - r -+7 c. e--9< -.ewy-. e r y

2. 0 RISK ANALYSIS ADP Support has analyzed the probability of occurrence of potential threats to the Lugenbeel Building security as well as the potential of such threats to impair the facility.

Table 2-1 provides a sum-mary of the threat potentials and indicates those which necessitate additional security measures. Table 2-2 lists additional security measures that ADP Support has recommended to ensure the continuous operation of the facility. The following subsections discuss in detail the analysis of each class of threats and existing or any necessary additional security measures. 2.1 NATURAL DISASTERS The natural disasters considered in detail here are fire and wind-storm. Earthquakes and floods were not addressed because they have no significant probabilities of occurrence in the Bethesda area. 2.1.1 FIRE The Lugenbeel Building is constructed of curtain and cinder block wall exterior with interior walls and partitions of \\-inch gypsum wallboard on metal studs. The likelihood of a fire entering the facility from outside is remote. The facility itself is furnished primarily with metal furniture. The building is well supplied with portable fire extinguishers and fire alarm pull boxes. Any fire that might occur would most likely be an electrical fire in equipment or a paper fire. Should a fire occur, there is a high l potential for loss of computer data, equipment or of original docu-ments. Although the Montgomery County Fire Department records show there have been no fires in the Lugenbeel Building since June 1971 l and the likelihood of a fire continues to be small, the potential consequences are high enough to warrant greater protection. The following fire controls are recommended for the Lugenbeel Building: l 1. Smoke and heat alarms should be provided in tne computer room which will interrupt computer electrical power (after a short time delay) in the absence of human intervention. This would ensure that the computer is shut off in the case of fire. l 2. All employees should be instructed on how to use fire extin-guishers properly. 3. Documents should be stored in fireproof, locked cabinets. 2-1

4. The local fire department phone number should be prominently displayed for all employees. (See Appendix B for fire procedures.) 5. An evacuation plan showing preferred evacuation routes should be permanently posted in the facility. (See Appendix B for evacuation procedures.) \\ q 2.1.2 WINDSTORM Dr. James R. Mcdonald, Texas Tech University, performed a " Wind and Tornado Hazard Analysis for ADP Facilities in Bethesda, Maryland." Dr. Mcdonald's report dated August 15, 1979 included a windspeed risk model. (See Apendix C.) This model gives the probability of exceeding threshold windspeeds for straight winds and tornadoes. Provided the 1.ugenbeel Building was designed in accordance with the Building Officials and Code Administrators (BOCA) basic building code, the probability of exceed-The ing design windspeed in 50 years is approximately 15 percent. probability of the building being struck by a 105 mph tornado is 0.04 percent in 50 years. Consequently, the potential for loss or damage frem windstorms is very low. 2.2 UNAUTHORIZED ACCESS Unauthorized access is the single most important threat to the facility and consequently has received the most attention in the security analysis. For the purposes of analysis, unauthorized access has been treated in two parts -- normal working hours (DAY) and non-working hours (NIGHT). The motivation for unauthorized access to the facility can be conveniently broken down into th'ree areas: Theft of equipment Theft of information Disruption of work or vandalism As a general threat to the facility, equipment theft ranks low since the critical equipment is large and generally difficult to move. That equipment which is easily removed, typewriters for example, are not critical to the facility. Theft of equipment is a more serious threat af ter working hours than during working hours because it depends upon covert removal of equipment. Theft of information can be detrimental to the facility operation for several reasons. If the theft involves physical removal of original documents which have not yet been processed, important data may be irretrievably lost. If the theft involves the covert entry and copy-ing of information, then an information compromise occurs. 2-2

a Disruption of work or vandalism is a threat present from various The nature of the NRC mission and the associated function of the facility could draw higher than average attention to protest groups. Information and equipment theft or the facility from these groups. Disruotion of work is likely dur-destruction could occur as well. ing working hours, but could occur through vandalism after wor Disruption of work or vandalism by NRC employees is not likely due to the security clearance policies' discussed below. hours. However, the possibility of destruction by a disgruntled employee is acknowledged but considered low. UNAUTHORIZED ACCESS OURING WORKING HOURS (DAY) 2.2.1 This situation involves entry while the facility is manned d normal working hours.that the turnover rate will be low, and all employees w other by sight. clear individuals who participate in the design, o in-itive data, tainance of Federal computer systems, which process sensThese individuals and also individuals who have access to such data. i l Agency require clearances based on National Agency Checks, Nat ona - i checks with Inquiries, or on full field background investigat ons i conducted by the Federal Bureau of Investigation or d magnituce sitivity of the data to be handled as well as the risk anHowever, it shcul Commission. of loss that could be caused by the individual.be note ii for security clearance. There are three The facility floor plan is contained in Appendix A.t locked from exterior doors, two of which are fire exits and are kep All personnel must, enter the office through the main lobby entrance, which is manned by a security guard from 6:30 the outside. to 3:00 p.m. to 10:30 p.m. Monday through Friday and from 7:00 a.m. on Saturday. that intrusion would be easily detected. the Based upon the physical layout and the security guard service, k likelihood of covert theft of equipment of information during w ing hours is considered low. following recommendations are made: An NRC approved lock should be installed on the inner comp 1. room door. rt. No visitors should be allowed in the computer room without e 2. f people Additional protection against an unannounced m l not 2-3

/ => // II likely to be required. However, the following law enforcement and' emergency response organizations may be able to prnvide assistance in an emergency: i, Organization Phone Local Fire and Police 911 NRC Division of Security 427-4472 Furthermore, the following emergency procedures are recommended: g 1. In case of emergency, administrative personnel should be jointly responsible for notifying the NRC Division of Security and local fire or police (See Section 3.5, Emergency Chain of 4 Command). 6 } 2. In the event of a bomb threat, the recommer.ded bomb threat pro-cedures (see Appendix B) should be carried out. e 2.2.2 UNAUTHORIZED ACCESS AFTER WORKING HOURS (NIGHT) This involves the entry, presumably covert, for the purpose of theft or destruction of equipment or information. The guard service and the Lugenbeel Building itself provide defense against this type of entry. While the guard is on duty, all NRC employees must present photo ID '/ -'V;/ cards to enter the building. Visitors must be logged in and itsued visitor cards. All persons entering the building after. 6:00 p.m.' on /. \\, weekdays and any time Saturday or Sunday must be logged in. These '4 1, logs are kept for several months. 5 When the guard is not on duty, the Building Lobby is covered by security alarms andicameras'which are monitored by the GSA Security Service. The Property and Supply Office is also equipped with a security alarm. The theft of equipment or information is considered to be adequately covered by the security arrangements described above. However, as additional protection, the following recommendations are made: 1. Proprietary documents shocid always be stored in locked cabinets. 2. Processing of sensitive or proprietary documents will receive the highest priority in order +0 minimize the length of exposure and therefore the possibility w/ loss.

2. 3 HARDWARE CONFIGURATION AND SECURITY PROCEDURES Sections 2.3.1 and 2.3.2 are excerpts from the "NRC Guidelines for Control of Mini Computers and Automated Information System Software."

l 2-4

r Other than periodic review and revision of this Guideline, no other j 4 security recommendations have been made. 2.3.1 OATA GENEr.AL " SYSTEM B" ~ /i 1. LOf ATION '- Lugenbeel building, first floor, room L-100 ( 4922 Fairmont Avenue, Bethesda, MD 20014 2. C0t$nbdRA110N - l DESCRIPTION QUANTITY MODEL No. j 8600

Eclipse c/330 computer with 1

C 256kb core memory, memory ' allocation and protection; auto program load power fa'.1/ auto restart; extended / J arith, processor; commercial '4 instruction set. 4008 ' Real time clock 1 4007 I/O Interface 2 1 4010 Async Controller 2 6053 24-Line, 80-Character 5 Video Display 4218 300 LPM Printer Subsystem 1 6021 Mag Tape Subsystem, 9 track 1 75 IPS, 800 BPI plus con-troller for 8 units. 6060 '96MB Disc Subsystem includ-1 ind controller for 4 units ,/ 4258 Async Line Mux; handles 8 1 lines 4260 Four Line 20 mA current loop 1 interface 4264 Synchronous Line Mux (RJE) 1 4251 Communi.ations Chassis 1 6060-A Disc Orive 1 6042J Dasher / teleprinter 1 2-5

1 ALM 8 Board 4256 1 Cables 1084G 1 Dasher Display Printer Subsystem (60 cps) with Associated Circuit 6055-XA Board (6054) and Printer (6041) Located - NRC Warehouse 4934 Boiling Brook Parkway Rockville, MO i 24 Line, 80-character Located - NRC Warehouse 4934 Boiling Brook Video Display. 6053 Parkway Rockville, MD 5158,013.00. Estimated equipment cost is MAINTENANCE t 3. USER MAINTENANCE id. Clean tape drive heads daily with cleaning flu a. i of paper Vacuum printer daily to remove all small p eces and dust. Change ribbon on printer as needed. Daily room maintenance. l Wipe off all equipment (external only) dai y. forms, printer Check supplies daily (id paper for printer, d r through the ribbons, tape drive cleaner fluid) and reor eDiv Supervisor, l P Support will woen ne.assary. CONTRACTED MAINTENANCE - T putable vendor I nd correct any b. to perform all preventative maintenance a hardware problems as they arise. computer room to h LOG BOOKS - A log book has been placed in t eperator, what sys record time of use, who was the equipment oe malfunctions.It is the This book 4. was being executed, and any hardwartem. must be signed by anyone using this sysrecord of d This log is also r free time. used to schedule other users during curs, first I SYSTEM MALFUNCTION - When an equipment failure ocis contact the ADP System Maintenance Superv 5. I I 2-5

of ADP Support. He will evaluate the situation and determine if the problem is (a) hardware, (b) systems software, or (c) applications software. He will then take whatever steps necessary to eliminate the problem. 6. BACKUP - In the event of a major problem, the Data General System "C", room 1220, Landow building, is the primary backup system. The secondary backup is Data General System "A", room 337, Lugenbeel building. When designing a new system, the Systems Analyst must consider the configuration of the backup system. Before an application system will be accepted for pro-duction, it must be executed on the backup machine. Scheduling problems that will arise due to the extra workload on the back-up system will be resolved at the division level by all parties involved. 7. SECURITY - The building in which this ccmputer is located has limited access. An armed guard is stationed at the entrance and a badge must be displayed to gain access. As an added security measure, the computer room itself should be locked when not in use. Permission to enter the computer room may be granted by either the Division of ADPS or from the Property and Supply Branch. For convenience, the keys to the computer room may be obtained from the Division of Facilities and Operation Support, Property and Supply Branch. 8. QUALITY ASSURANCE - The ADP Equipment Support Supervisor will make periodic inspections of the computer facility for security, cleanliness and safety. Any violations will be noted and appropriate action will be taken. 9. CURRENT APPLICATIONS - Property Accounting Systems (PASS), see the Users, Operations, and Systems Manuals for technical details concerning this application. See the PASS Procedures Manual for administrative details; Estimated development cost is $248,581.00. 10. APPLICATIONS DATA - Files which contain the actual information captured by a system are what is known as applications dati. Other terms which refer to applications data are data base and data bank. a. CONTROLS ON APPLICATION DATA - Safeguarding data is of the upmost importance. The design Systems Analyst has the responsibility for creating a system that assures the strongest controls against unauthorized access to the data. A password technique is the method most widely used today for controlling access to the data base. i b. BACKUP - Data base backups are normally made at a much I higher rate than other files such as applications software .or systems files. The means, device used, and time frame to create a backup is decided by the design analyst. 1 2-7

o However, to satisfy the of fsite tape requirement, a tape backup must be made by the user and placed in the ADPS library. It is best that each application have a separate job, to be executed by the user at specific points of time, which creates the offsite tape. c. RECOVERY - There are usually 2 separate backup files for each system. In most cases the normal backup which is kept in the computer room is sufficient for a complete recovery. When a catastrophe has occurred and the normal backups are useless, the offsite tape may be used to recover. In either case a stand alone job must be used to restore the files.

11. OFFSITE TAPE STORAGE a.

DEFINITION - Offsite tapes are magnetic tapes which are stored external to the computer room. The information contained on these tapes shall be all data files, and applications software necessary to make a system fully operational in the event of a catastrophe. Offsite tapes may be part of the normal backup function of a system with the backup tape rotated thru the ADPS tape library. NOTE: Systems with classified data will not use offsite tapes. No tapes with classified data may be stored in the ADPS Tape Library. b. LOCATION - All offsite tapes will be stored in the ADPS tape library on the 6th floor of the Phillips Building. The Tape Librarian has sole responsibility for all tapes while in the library. c. WHEN TAPES ARE STORED - The frequency of creating and stor-ing offsite tapes is totally dependent on the application. l When a new ' system is designed, the Systems Analyst must ( decide when offsite tapes are to be created. However it should be on a regular basis. Each application is unique and the analyst must evaluate how critical data loss can l be in the event of a catastrophe, d. NUMBER OF GENERATIONS - Three generations of offsite tapes must be stored at all times. More may be kept depending on the application and recycling technique used. t 12. TAPE LIBRARY a. LOCATION - The tape library is located on the 6th floor of the Phillips Building within the Division of ADP Support, Room P-624, 7920 Norfolk Avenue, Bethesda, MD 20014 l Tapes are stored in metal tape racks and are locked each night. Classified data tapes are r.ot permitted to be 2-8

stored in this library at any time. The Tape Librarian has sole responsibility for all tapes in this library. TAPE LABELS AND NUMBERS - New tapes purchased for the NRC b. will be assigned a sequential 6 digit number by the Tape Librarian. Data file exterior labels (form ERDA 748) are The first placed on the tapes by tiie user at time of use. copy of this form is the actual exterior label which identi-The fies the physical data files contained on the tape. second keypunch copy of form ERDA 748 is used as an input transaction into the Tape Library System (system number 3037). TAPE LISTINGS - System 3037 Tape Library System produces a c. number of recorts. One of the reports is a master index of all tapes. This report is updated daily and is available for reference from the Tape Librarian. Each month a com-plete list of tapes assigned to each user is distributed. It is the user's responsibility to review this list and To release a tape ,r,elease unused or unwanted tapes.

simply place,your initials beside the tape number you want released;and return the listing to the Tape Librarian at the address listed above.

For a complete description of reports available from the Tape Librarian System please reference the system 3037 users manual. SCRATCH TAPES - To obtain a scratch tape simply call the d. Tape Librarian in the Division of ADP Support and he will assig,you an unused tape. To release or scratch a tape please see Section C above. CLEANING AND DEGAUSSING TAPES - Each time a tape is scratched e. from the ADPS Library it will be cleaned by the Tape Librarian. It is also possible to have a tape cleaned by If a lost of I/O errors occur, cleaning the tape request. may help, but this* procedure'is not recommended since data on the tape may be destroyed. A tape will be degaussed upon release, if the data on the tape warrants such action. The Tape Librarian must be notified by the user as to the type of data contained on a tape file so a decision may be The degaussing machine is loca'ted l made to degauss or not. in the ADPS Computer Room, Silver Spring office. l SAFEGUARDING OF ADP SYSTEMS DOCUMENTATION 2.3.2 VENDOR SOFT'dARE DOCUMENTATION - Vendor software documenta 1. the manuals and other papers or booldlets wnich describe and This documenta-instruct users on a particular software product. tion was obtained from the company who markets the product. ~ [ BACKUP '# hen documentation is received for a product, all but one of the sets of manuals is distributed to users of a. i l l 2-9 l l

The Division of ADP Support keeps the one This copy so it may be placed in a master library. that product. lips Build-library is located on the 6th floor of the Ph nd backup. aster RECOVERY - Recovery of destroyed material in the m One: obtain a library could be done one of two ways. copy from order b. a new copy from the vendor. i t d list of com-PROGRAM LISTING - Program listings are the pr n e ter perform a i puter instructions necessary to make a compu Once these listings are accepted for product on 2. ts located in the Division desired function. i The they are stored in metal filing cab neillips Building. of ADP Support on the 6th floor of the Phcabine s contained therein are under the control of the A Removal of any program listings orADP System Supervisor and his staff.other documents without permissio Supervisor is strictly prohibited. t on disc in BACKUP - All source code for programs are kepEach applic source code libraries.and it is periodically dumped to tape, a. the program RECOVERY - To produce a new program listing, library. could be recompiled from the source code b. document which USERS MANUAL - The Users manual is a re t rs, and Also it describes the functionsi ology, such t 3. interpretation of results. performed by *.he software in non-ADP term nlicability and w user organization can determine its app icrofiche by how to use it. BACKUP - The ccmplete manual is recorded on mA memo the Division of Document Control. ides the pro-a. Asa R. Frost to the ADP Support Staff provc fiche. l has the tech-RECOVERY - The Division of Document C To icrofiche. b. retrieve the complete manual, deliverthe Doc t a " blowback" of the entire manual. tions Manual is to OPERATIONS MANUAL - The purpose of the Operal with a d t so that the software provide computer operations personnesoftware a 4. can be run. 2-10

a. BACKUP - Same as 3.a above. b. RECOVERY - Same as 3.b above. 5. PROGRAM MAINTENANCE MANUAL - The purpose of the Program Maintenance Manual is to provide the maintenance programmer with the infor-mation necessary to understand the programs, their operating environment, and their maintenance procedures, a. BACKUP - Same as 3.a above. b. RECOVERY - Same as 3 b above. 6. SYSTEM DESIGN DOCUMENTS - These are documents produced in accordance with the ADPS Automated Information Systems Guidelines by the design Systems Analyst. These documents are very useful during the design and implementation stages of a system, how-ever, fter a system is in production they are only used for historical reference. a. BACKUP - Same as 3.a above. b. RECOVERY - Same as 3.b above. 2.4 SUPPORTING UTILITY FAILURE The supporting utilities used by the Lugenbeel Building include electric power, heating, and air conditioning. Failure of the building elec'rical supply would shut the facility down, which would in turn disable the user terminals. This is a rare event and the mean time to repair is an hour or two; 24 hours would be a very extreme case. No backup for this failure is planned. The computer room po'wer supply contains similar type of equipment as in the building supply and should provide the same level of reliability. However, it was noted that the computer room power supply does not protect against power line fluctuations, does not provide built-in diagnostic capabilities, and can not be backed up by the building supply. Currently, there are no plans to provide these capabilities. The computer room is serviced by the building heating, ventilating, and air conditioning system. However, since air conditioning for the computer room is critical, a separate air conditioning unit has been installed in the room. The probability of extensive down time on this unit is remote. Therefore, no backup for its failure is planned. The building water supply is not used in the computer room air con-ditioning unit. 2-11

TABLE 2-1

SUMMARY

OF THREAT POTENTIALS AND PROTECTION REQUIREMENTS FOR THE LUGENBEEL BUILDING FACILITY Probability Potential Additional Threat Specific of for Protection Class Threat Occurrence Imoaircent Recuired* Natural Disaster Fire Very Low High Yes-Items 1,2,3,4,5 Windstorm Very low Very Low No Flood Very Low Very Low No Earthquake Very Low Very Low No Unauthorized Equipment loss Low Low Yes-Items 6,7,8 Access Information Loss Low Low Yes-Items 6,7,8,9 Vandalism or Disruption low Low Yes-Items 6,7,8,9 of Work Hardware Computer Failure Equipment Low High Yes-Item 10 Terminals Low Low Yes-Item 10 Communications Equipment Low Low Yes-Item 10 Supporting Building Utility Failure Electric Power Low High No Computer Power Supply low High No Building HVAC Supply Average Low No Computer Room A/C Unit Low High No " Refer to Table 2-2 for description of items, t l l l l 2-12

i 1 i l TABLE 2-2 ADDITIONAL SECURITY MEASURES Item No. Descriotion 1. Smoke and heat alarms 2. Fire extinguisher instructions i 3. Document storage procedures 4. Fire department notification procedures 5. Fire evacuation plan 6. Install lock on computer room L 7. No unescorted visitors 8. Police and Security Guard notification procedures 9. Document protection procedures 10. Periodic review and revision of "NRC Guidelines for Control of Mini Computers" e e l l l l l 2-13

3.0 SECURITY PLAN The purpose of this Security Plan is twofold: 1. Ensure that all reasonable steps are taken to prevent situations which would interfere with the accomplishment of the objectives of the Lugenbeel Building facility. 2. Ensure that procedures are established to best handle any situation which might reasonably arise. Table 2-1 lists the threats analyzed, and Table 2-2 is a summary of the protective measures incorporated in this Plan. In the following subsections, the Additional Protective Measures recommended by ADP Support for the Lugenbeel Building are presented under the. headings of: 3.1 Access Controls 3.2 Fire Controls 3.3 General Procedures 3.4 Equipment Failure / Loss Contingencies 3.5 Emergency Chain of Command 3.6 Security Plan Review 3.1 ACCESS CONTROLS The following access controls should be maintained for the Lugenbeel Building facility: 1. All facility entrance doors should be kept locked from the outside at all times, except the main entrance which should be unlocked during normal business hours so long as the guard desk is occupied. A lock should be installed on the inner computer room door. 2. The building security alarm should be active whenever the facility is not guarded. I 3. Visitors should not be allowed free access to the facility. In particular, all visitors to the computer room should be escorted at all times. l 4 Sensitive. documents should be kept under lock when not being l processed, and especially when the facility is not occupied. 5. All employees should be responsible for ensuring that documents and equipment are not lost and that visitors are not allowed to wander unescorted in the facility. 6. Administrative personnel should be jointly charged with notifying the local police in the event of forced entry during working l 3-1

d). The police hours (see Section 3.5, Emergency Chain of Ccemanbe prominently phone number and the NRC security number sh Support. FIRE CONTROLS Lugenbeel The following fire controls should be maintained for the 3.2 Building facility: t ction Smoke and heat detectors should be installed for alarm pro e 1. in the computer room. tinguishers All employees should be instructed on how to use fire ex 2. properly. Documents should be stored in fireproof, locked cabinets. i tly 3. The local fire department phone number should be prom nen(S 4. displayed for all employees. for the An Evacuation Plan showing preferred evacuation routes (See facility should be permanently posted in the facility. 5. Appendix 8 for evacuation procedures.) GENERAL PROCEDURES erating The following general procedures are extracted from other op 3.3 ii l to the security procedures and will be maintained as items cr t ca function: the All documents of a sensitive nature shall be flagged at i d to reduce earliest opportunity and their processing exped te 1. the possibility of loss. d in locked All sensitive documents and microfilm shall be place storage when the facility is not occupied. 2. EQUIPMENT FAILURE / LOSS CONTINGENCIES f eciuipment The following contingency plans for the failure or loss o 3.4 shall be implemented when appropriate: hand Sufficient spare units and spare parts should be kept on l reliability by the maintenance contractor to ensure the genera 1. of equipment. In the event of failure, if the unit laced by a Most units are redundant. cannot be returned to service quickly, it will b h unit 2. when possible. i fforts For units which are not redundant, diagnostic and repa r e will be initiated as soon as possible, an 3. 3-2

will be estimated. Management personnel will then decide on additional measures to be taken and their timing. 4. In the event of a short-term failure of the building electrical power, the ADP System Maintenance Supervisor will ensure that all ADP equipment functions properly upon return of power. It shall also be determined whether or not electronic data have been damaged or lost during the failure. 5. Should a prolonged (greater than 15 minutes) outage occur, the ADP System Maintenance Supervisor shall ensure that the Division of Facilities and Operations Support is aware of the outage and attempt to determine the expected time to repair. 3.5 EMERGENCY CHAIN OF COMMAND In the absence cf appropriate individuals, emergency decisions shall be made by the individual at the facility who is highest in the following Emergency Chain of Command. The names of NRC personnel who currently fill the positions in the Emergency Chain of Command are listed below. Grover Estep - Chief, Property and Supply Branch Herb Parcover - Chief, Property Management Section Art Correira - Senior Property Management Specialist James Calloway - Property Management Specialist l 3.6 SECURITY PLAN REVIEW The NRC Facility Manager shall cause a review of this Plan to be made at least annually, and more often when conditions indicate the - neces s i ty. A dated revision to the Plan shall be prepared if any changes are deemed necessary as a result of the annual review. Changes made at less than annual intervals shall be incorporated by addendum. Each annual revision shall incorporate all previous addenda. 3-3

APPENDIX A FLOOR PLANS EVACUATION ROUTES l l l l

O. ) .N F.,.a.:. N (:.. :. ~'

=-

..=- e s = .N

=:-

y".g*.

    • s o

1 Y

== C "" A s N I.Ei.i. ..*= -. = l l

===- e:..:; UP C *.*. h

==- g;= r= _ H l r=- p e... l

  • M. -

\\ .5- =. j,C .=. o-r= = i Ec: J" t-W c m porr.x

= -

Spon I, ._"=- 69 1 -,f= i E; s \\. =~.

r. <

.t._-. = 1." " g'.: :_" .N i g l t==. _. iE=- v / \\

== p==- .=..g> r=. O. /' <) i 55-a .s g. ,i = =. i . y t.

==

..,,.=..

N.. l iE" t=.= p=. d" *. l tmaron c= .. =. t t a I B EE.77 vv

=:

w*.. g .. r---- M ),\\. . tCIET r:.. e [ 2__ /, -

==~ . =. - ,s' s, p r=.= e 1

r v.

.mm.-

.. a e

e l, [ ss-y ....Q.. s s

==. Evacuation Route - 1st F1cor - Lucenbeel Building '*:~ ~ 8 1. e e.. g/

. =. -

maa ......-.. ~... - ... <. ~........... - - -..,.... ~. -. -. - M6-- 1

p-, N 5-7 : .r.<_a. N.- i -~- t- ,- g. 1.- .=_': . = = .. = _ = s all ri f ex a

=E 3
.==.

= =.- 7 d I=EI l I /* I EL'E4' /- , t.{' c.__= r\\- r.\\./ su ..... ~,. $ i.e

-.=

.m r e. "~T r f l 4 % ur eew. t..L: :- cc,,:co. F

.. =

=

8 m ig. "eEIN $ .~[.5 ./. a_ icati =g 3 ( 1I u 5 _,p-

==. 1 O \\. ci n g =- 1.1 0 % ci oo ; p;=. v I D \\o AA!: = _ = _ nu ,f Q \\*/ vers scat M \\, I c) eooi ..EE. 5. a e 1 a = =, - 'Ne t f_-f 4 a g 5 p . lH y\\.- ,\\ - =. t

.=.:

ru I E LIGNIAllt l 'T a = a o = h'* H I,l .::c n -q '} -- ~ e e-. _N===_e_....a. il (.. n, j r. p a a = } ^4 1l 2 .A..,

O V-.-

V 12 3 y n.: - &e:... ; sieures WP y g'g a l' ensie: y / a . :.=. i I l _i. t. m I' N aCit/CNtat utCutals04 a g Y. 3:=. y,. 7 q .:=.- ./ .)A .=- . g. a.. 1 = _.

=-

l ) .R. _ c: 's u. e a c c M, -} ---a IN CASE OF FIRE DO NOT USE ELEVATORS ~ USE EXIT STAIRS 2._.3 .. s s 1 . =. _ = - Evacuation Route - 2nd Flcor - Lugenbeel Building ~rF

.=-

.= l i i A-2 1

p

  • = -..

y t

  • e N

.?.- 4;::= rE, = i.! . s L..._. -.g* 5; =

=

W:.:=. E_-T e a ,.,_.m Na a a !5E -

=:..

q I, =, s. I W E=.. i ,'( 'k 'l ...W = ya 2A I* au-M4 g.

-3
-

/

I are I,

-Y d, d:- 5 n:v(m1 E. (. i !OfL!I l, i= 3 g g 5 sg F l.r j O \\o E 5 F .\\ O 00,

== O v 1 O .\\ o

  • ~i l

M 3 WIN 510ftfi IN [-T.- i: >J. ,\\

  • IC OOO5 M-l,i N,-

-p -s-3 t t l a =- sl C. .%y

  • l

.5 f.,

.::_-.~.

= b w w -_ s =y 7 3.;- j d l 9 p -:= 3 tiens httl E g w T.. a g. p d [ 1 5::- -~ ~ p~ 'N. : y.f'. e

+*..

.,e_ m -- -- ffY/ l y .,gcop1 ?_:_.- /i I l., n. .=~ = 1 i g-l q (ttva!CE l;3^h ? "#.~ q 1 .-d C018 '04 1 ~55 _b j\\.1/.'. I e a fPl ~ = - G la_.' T4 / < ,/ = i_~.E t.. m se IEE N,- l I. e = =. ' m 3 I.. /

e. :-

F =. - d E l \\ 1. F .h: a

a a

IN CASE OF FIRE Dd NOT USE ELEVATORS - USE EXIT STAIRS 3' = -. C.:. - . =. Evacuation Route - 3rd Floor - 1.ugenbeel Building T: 1 = = l l l j l l se gg ..--e ..n-g I

e APPENDIX B EVACUATION PROCEDURES BOMB THREAT PROCEDURES O

-s N 's. ~ EVACUATION PROCEDURES FOR THE LUGENBEEL BUIt. DING The evacuation procedures are the same for fire, bomb threats or other emergency, situations. The procedures set forth below are provided for your infomation, guidance and parsennel safety. You are requested to become thoroughly familiar with the procedures, locations of alarm pull boxes and evacuation routes. 1. Discovery of Fire - If you discover a fire, regardless of its size or procaole consequence: FIRST: Sound the alann by pulling down on the lever in the fire alarm box. This alerts the occupants of the building but does not notify the fire department. SECOND: Call the Fire Department, 9-911 and report the exact location of the fire: Lugenbeel Building, 4922 Fairmont Avenue, and Floor. THIRD: Notify N.R.C. Fire Marshal, Chuck Beckwith at extension 28184 so that he can direct the Fire Department to the exact location of ~, fire and notify them of the location of any physically handicapped personnel to be evacuated. 2. Stairsell exits are located at the rear and front of the building. The rear exit leads into a narrow alleyway. Personnel must proceed either to the right or the left upon entering the alleyway. If the alleyway is blocked with debris, then the first floor hallway leading to the front entrance should be used for exiting the building. 3. 'n' hen Fire Alarm Sounds: a. Shut all interior and corridor doors and windows. Secure classified material and repositories. ' Leave lights on. 'l sing the emergency stairsells nearest your office, proceed rapidly and b. in an orderly fashion to vacate the building. Floor Wardens have been designated to assist in directing you to the nearest stairwell. Proceed to the assembly area in the parking lot at the corner of Fairmont and Norfolk Avenues and wait further instructions. Handicapped individuals, assistad by Handicapped Persons Monitors, should c. proceed to a point adjacent to the nearest exit stairsay and await As soon as all occupants have left the floor and the , instructions. -stairway is clear, the. Monitors should physically assist the handicapped individual, along with any equipment needed such as crutches, wheelchairs, etc., down the exit, stai,rsay. d. Upon their arrival, the fire department will determine if the elevators are safe to be used to evacuate handicapped personnel. If so, fire department personnel will manually operate and control the elevators to respond to the fire floor and to evacuate handicapped personnel. &/

N to the Evacuation Routes - Evacuation routes are posted on walls next Occupants shall use the closer of two stairsells located on [ First floor occupants use nearest exit. 4. elevators. the east end of the building. The elevators must not_ be used during an evacuation. a. Floor wardens have been evacuated from assigned areas. ' b. i ill after Assembly Area _ - All personnel not assigned specific dut es w f Fairmont leaving tne building proceed to the parking lot at the corner o 5. i and Norfolk Avenues and await instructions, tinguish the Firefichtinq - Floor wardens will proceed to the fire and ex l of the fire fire, ii still blazing or check the spread until the arriva(a) stationing a war 6. ~ The Fire Warden is responsible for: department upon or alternate at the front entrance to direct the firearriva fire department. department. ~~ ill communicate, All Clear Sicnal - The N'.R.C. Fire Marshal or Alternate wBadges must be sho by megapnone, to' all employees the all clear signal. 7. to reenter building. l for fire Fire ?revention_ Reminders. - The following minimal ground ru es 8. prevention: i This is Maintain good housekeeping in all areas of the build ng. one of the most effective means of preventing a fire. a. fire hazard Bring to the attention of your supervisor any apparent b. existing in the bufiding. Smaking is prohibited in stock rooms, and Obey "No Smoking" signs. places where flammtSles are' used or sto c. i ashes into Do not empty ash trays, throw matches, cigarettes, or p petaining co l l do. this.. waste baskets, or any other receptac e con (especially a Let.the clean up personne.. d. ~ in use. Turn off electrically operated office equipment when not Continuous over-e. Multiple plugs or plug strips should be avoided. d fall loading of electric lines causes insulation to become crisp an The hot wiring can ignite wall partitions or f. If fuses or circuit breakers repeatedly blow out, Rf , away from the wire. - other structures. the circuit probably is overloaded. mine the possible def.ici,ency. B-2

+ N N. NRC HEADQUARTERS BOMB TliREAT PROCEDURES Lugenbeel Building 4922 Fairmont Avenue Bethesda, Maryland 20555 If you are the recipient of a telephone bomb threat:

l.. Notify your supervisor and immediately report the call to the Security Operations Center, Phillips Building, 492-7500 (this is an emergency number to be used only during life-threatening situations). The Security Opera-tions Center will call local law enforcement personnel, General Services Administration personnel and Division of Security personnel. The Division of Security will call the officials listed below.

2. In order to provide accurate information, NRC Fonn 221 " Bomb Threat," (see enclosure) has been devised to assist you in detennining the vital infoma-tion which will be needed in evaluating the threat. The form should be completed as soon as possible. 3. Remain clam and do not further disseminate infomation concerning the bomb threa t. The decision to evacuate the building will be made by the designated officials. The Division of Security will provide an evaluation of the situation and recommen-dations regarding evacuation. If the decision is made to evacuate the building the announcement will made by means of th,e fire alarm system. If notified to evacuate the building you should: 1. Secure classified matter and quickly survey your area for any unusual or suspicious packages which might contain an explosive device. If any such package is noted. 00 NOT TOUCH OR DISTURB IT, report the observation to your building protection personnel. Personnel trained in the handling of explo-sive devices will take further action regarding the suspicious package. 2. Use Fire Evacuation Routes to leave the building. 3. Proceed to the parking lot at the corner of Faimont and Norfolk Avenues and wait further instructions. During an ev'acuation, it is requested that each NRC employee: 1. Equre that visitors are properly logged and controlled while in NRC-controlled areas. 2. 'Jear their employee iden'ti'fication badge and report to building protective personnel any unidentified oi unknown persons. Building protective person-nel will verify their identity and purpose within NRC facilities.

Enclosure:

NRC Fo m 221 6-3

...e., J., .s g i=._ [95 .- =- . j.. EF** ' s Ph ACE THIS CARD UNDER Yi9JR *.it.EPHONE ~ OUEsTIOtJs TO AsK CA L L E R*** VOICC

  • i=
    =-

I v men, seus Co NC 70 Exrtnc(, O Catu O NAs4L D O ANcay O stuTTEA .19 O ExcTEo L 57 E . N 2 m* E ft E is 17 A s ce47 N OWF 0 slew O AAsPr i A O mArto O cEEP -5 O sort .O arc Ea !;si 3 erHAT OCEs IT LOCK LIKli O teuo .O cLE AHiNo THsus47 -== 0 LAucHTz A O DEEP 8AE ATHarvG d O eMYiNG O caAcK Nc veics k==

4. tW4AT CIND OF SCfA5 ts 4T, O NORMAL O orscuisEn

"==Ei O erst:n c7 O Ac:ENT ,7 O stunnEn O FAu L:A4 = =. ~

5. m4AT WILT. CAusE IT TO EXPLCOE7 IF VOICE Is FA8AILIAM. WMC clo IT scVNo LIKZF

[

=.n

=

.~-
6. 080 iLeu PLACE THE !!cM87

~. - .. _~ T EACKGRCUND SCUNDS ll== 7 M1Yr .O sTnEET Norse O CLEAR )) ~~ 'O house NctsE O STATsc ^~Z O ANius.L Norse O LocALcALL Z

8. m4AT Ls YCUM ACoAEs37 O CROcKEMY O teuc c: STANCE O YOIC1s O TELEPHONE 500TM

~ O PA SYSTEM OTHEA.

.=_,

9 hwAT 15 YOUR N AMER O uusic s O uoToA O OFFtCE [ - _- EXACT WORDING OF THE THRE AT EcuiruENT .e.._.. Q rAC:. t* MAcNINE AY THREAT LANGUAGE ~ s_.-._. O mLt sioKEN O iNcewtnENT .= m I O TAPED i== O Fout O utssAct atAo my

== O 1RRATIONAL THRE AT MAK! A j. c,HE4 Ed E'" REMARK 3: g y. .rr....- REPORT CALL IMMEDIATELY TO l, g- - l st x CF CA L L E R. RACE SECURITY CPER *.710NS CENTER, PHIL!.JPS EUll.9tNG ^= f i (

= =

PHONE NUMsE A LENGTH C7 CALL. ' ., g E II ACE C-PERSON RECEIVING CA LL @ }- nu." AE A AT n'ecM CALL ts AE CEnvE n NAug {-{'- g suf OAu uA:t re:: TecN O,u ___ /__ /__ =c e new :: u.s. =vett aa a t evu rce, couw. a tai r -cs t.u c E A. ATE / /-- 301.18 THREAT k"C 'o'" :2' " 288 ,2= =I- ! -2.=. . =. -. ~. _ - - =. - -_8,,- Y. "i.- \\ l l ...... -.. ~.. -.. .. -. ~.. - - - -

's. ', EXPLOSION In the event of an explosion in the building, such as those caused by leaking gas or a faulty boiler, perform the following actions: 1. Take cover under tables, desks, or other such objects which will give protection against flying glass or debris. 2. Notify the Fire Department, 9-911 and report location of explosion. 3. Call the Lugenbeel Building Fire Marshall, Charles Beckwith, 492-8184 and give him the location of the incident.' 4. After effects of explosion have subsided, Designated Official will decide whether to evacuate the building. 5. If an evacuation is necessary, occupants evacuate under the direction of the Floor Wardens using the Emergency Evacuation Procedures. 6. If the building is evacuated, occupants assemble away from the building at - ~ the parking lot at the corner of Fairmont and Norfolk Avenues and wait for instructicns from agency officials. e G ( 4 1 v : e i I B-5 l

APPENDIX C WINDSPEED RISK MODEL Em 4 .e

FI F2 F3 F4 F5 I r 10 l so 50 -2 sa I r 10 10 0 BCCA DESIGN O WINOSPEED th J Z O I -3 so 14 IrO 1000 y. y) td STRAIGHT WINCS I p W J eZ Z l

  • O'4 e

IOpOO w a s W 3 W O X td Wz N W g% O -5 o I: 10 N 100,000 Z .c3 ics W O z \\ Z g TCRNADOES c: t 'D h n O bQ W JW t 5sI 168 l Z '87 1c00,C00 gO m i z g 4 o3 i g W C. 3 2 g -7 t s a LAO 10,000,000 50 10 0 15 0 200 250 300 WINDSPEED - MPH WI.DS?EED RIS.4 !!OJEL FOR 3ETHE5DA,.'%c.YLA:10 5. l 1 l C-/ .}}

Retrieved from "https://kanterella.com/w/index.php?title=ML20053B140&oldid=4505057"