When diverse systems are integrated, systems engineers must often trade off security against safety, and vice versa. As an illustration, consider automated building-access systems. Safety engineers generally prefer building-access systems to fail open so that anyone trapped in a burning building, for example, can escape and/or emergency workers (such as firemen and EMS workers) can easily enter the building. On the other hand, security professionals would likely suggest that building-access systems should fail closed so that bad guys, such as looters, cannot enter the building.
Safety requirements should prevail. I say this because of direct personal experience and also a story that I was told a dozen years ago, neither of which I can support through published references. While there have been a number of well-documented cases where business owners locked emergency exits of factories, night clubs, etc. with resulting high numbers of deaths when fire broke out, they are not based on automated systems but on human action, such as the locking of emergency exit doors.
Sadly, I now have a documented case of an automated system locking personnel into a dangerous environment. It relates to the catastrophe at the Japanese Fukushima Dai-ichi nuclear power plant both during and immediately after the 3-11 earthquake. In a news article by Terril Jones dated March 26, 2011 and with the title “Japanese worker inside stricken reactor recalls quake,” available at http://in.reuters.com/article/2011/03/25/idINIndia-55893620110325, you can read the following harrowing vignette:
“… the lights went out, leaving about 200 workers inside the reactor in near-darkness since the structure has no windows.
A small red emergency light started blinking.
“Then some kind of white smoke or steam appeared and everyone started choking,” Nishi said. “We all covered our mouths and ran for the door.”
But the door leading outside was locked, shut down automatically during the temblor to contain any leakage. The workers were stuck.
“People were shouting ‘Get out, get out!’” Nishi said. “Everyone was screaming.”
Pandemonium reigned for about 10 minutes with the workers shouting and pleading to be allowed out, but supervisory TEPCO employees appealed for calm, saying that each worker must be tested for radiation exposure.”
While not a main focus right now, since most attention is rightly being directed to bringing the dangerous radiation situation under control, as security professionals we mustn’t forget this particular incident. When balancing security and safety, one should lean strongly towards safety. As a first step, you should check your own office buildings to determine whether the access systems fail open or closed … you may well be unpleasantly surprised.