Security versus Life Safety

                The key factor is that for most installations, a person must be able to exit a space with no special knowledge. This means that anyone should be able to walk up to the door and exit with “No Special Knowledge.” This includes people of other languages, nationalities, and cultures. It is unacceptable to have a special lock that requires manipulation of some switch that is marked in a language everyone does not understand.

          There is a common violation to this rule. It is common to see magnetic locks operated by a nearby red push button. Strictly speaking, this does not comply with NFPA 101.

The second applicable document is the International Building Code (IBC; formerly known as the Universal Building Code, UBC). In other countries a set of model building codes is used, which are often very similar to the IBC. Again, like the NFPA 101 Life Safety Code these are standards, not law. In all countries, local authorities are recommended to reference the relevant standards as a mandatory reference to follow when designing buildings.

          In the United States, the primary international Life Safety Standard is the Life Safety Code, published by the National Fire Protection Association (NFPA) and is known as NFPA 101. NFPA 101 is revised every three years. Despite its title, the document is a standard and not legal code. Its statutory authority is derived from local Authorities Having Jurisdiction (AHJ), typically the local Fire Department. The language of the NFPA 101 is crafted in a form that makes it suitable for mandatory application and is adopted into law by local authorities.

If there is a decision to be made between Security and Life Safety, it is simple. Life Safety wins, each time, every time. No matter how the argument is constructed, no matter how extenuating the circumstances, there has to be a provision for occupants to escape quickly in an emergency — freely and with no special knowledge of how to exit.

          Remember, in most cases the door with an electrified lock in an access control system is also monitored for intrusion. Any time the door opens it is because of a legal entry, a legal exit, or intrusion. Accordingly access controlled doors are almost always equipped with a door position switch, which monitors whether the door is opened or closed.

          The switch does not know if the door is opened for a legal entry, legal exit, or for an intrusion. It just reports that the door is open. So the Access Control Panel must make a decision as to whether the door opening is appropriate or a concern to be reported as an alarm. It does this when a valid credential is read (card, key code, biometric) and reported to the Access Control Panel. After this, the panel executes several actions including.

                The key factor is that for most installations, a person must be able to exit a space with no special knowledge. This means that anyone should be able to walk up to the door and exit with “No Special Knowledge.” This includes people of other languages, nationalities, and cultures. It is unacceptable to have a special lock that requires manipulation of some switch that is marked in a language everyone does not understand.

          There is a common violation to this rule. It is common to see magnetic locks operated by a nearby red push button. Strictly speaking, this does not comply with NFPA 101.

Life Safety and Exit Devices

            Let me introduce you to your mantra: “It's all about life safety.” Once when I was 17 years old, in the mid-1960s, I went to an office building late in the afternoon where I was hoping to go to a business that had a product I was interested in. I had called earlier and they had said to “come anytime,” which unfortunately I took literally. (I was seventeen — what can I say?) Their offices were on the 8th floor of a 12-story building in downtown Columbus, Ohio. I arrived there just at 6:15 p.m. on a Friday evening and caught the front door of the Ground Floor Lobby as a man was walking out. I took the elevator to the eighth floor (most ceiling lights are off). I wandered down the dark hallway and located the company's office.

This may be the most important chapter in this book. In fact, if someone learns everything else in the book, but does not learn the material in this chapter, that person would be a failure in the security industry. Life Safety is the most important element of security. The most basic core element of all security is to protect life first, whether in regards to access control or preventing workplace violence or terrorism. This chapter discusses the apparent conflict between security and life-safety principles and how they should be resolved. We will discuss National and Local Life-Safety Codes and Regulations and how they apply to Electronic Access Control Systems. We will talk about how Locks and Exit Devices affect life safety.

Vehicles need to be controlled on a property to ensure proper traffic flow (employees here, visitors there, etc.) and to control entry to restricted areas, such as to an employee parking structure. The least expensive and most familiar way to do this is by using a standard lift-arm barrier gate. Lift-arm (or semaphore arm, named after the semaphore flags that were used to guide airplanes onto aircraft carriers) barrier gates come in a variety of configurations depending on the width of the lane and the frequency of opening. The simplest semaphore arm gate comprises a metal stand housing the motor and operating electronics and a gate arm made of wood, aluminum, or PVC plastic.

Types of Access Controlled Portals

An Access Portal is a passageway through which a person must pass in order to go from one access zone to another. When an access control portal is confronted, one knows that he is moving from one access area into another. Depending on the security configuration of the portal, access authorization may be required to enter, to leave, or to enter and leave through the portal. In most cases, access can be granted to a single individual, but for some higher security zones, access may require the presence of two or more authorized people. Access portals can be configured to work on a schedule so that access is free during some hours and requires authorization during others, or may be limited to certain individuals during certain hours.

            Pedestrian portals include standard doors, automatic doors, revolving doors, turnstiles, Man-Traps, and automated walls. Vehicle portals may include standard barrier gates, high-security barrier gates, and sally ports.

When a person confronts an access controlled portal they must show authorization to pass. The most common form of portal design is one designed to allow entry only to authorized users but also allow anyone inside the access zone to exit freely. This is normally accommodated by using a card reader, keypad, or biometric reader (or some combination of these) to authorize the user to enter. Exit is possible without being an authorized user; that is, any visitor or non-authorized person who was escorted inside by an authorized user is free to exit at any time and without any impediment. A typical portal has a locking system that must be unlocked in order to exit. Various Request-to-Exit sensors may be used including an Exit Push Button, Panic Exit Touch-Bar, or a motion detector over the door.

The standard door is the basic unit of an electronic access control system. Simple to understand, commonplace, and inexpensive, wherever there is a room or department to secure in most cases you can bet that it already has a standard door enclosing it. Standard doors are intuitive (everyone knows how to use one) and can allow for the passage of one or more users at a time.

            A typical standard door access control portal comprises a door (single- or double-leaf) with hinges and door handle hardware; an electrified lock; a card reader, keypad, or biometric reader; one or two door position sensors to tell the system if the door is open or closed; and a request-to-exit sensor. These devices report to an access control panel that may be located near the door or centrally in a utility room.

Sprint Retrospective

          Every member of the Scrum Team strives to improve Sprint by Sprint. The Sprint Retrospective is where the improvements are formulated. This meeting should never exceed four hours.

      As a natural break between Sprints, the Sprint Retrospective is when the Scrum Team sits back, reviews what happened during the prior Sprint, and formulates ways to improve their work and the way the work is conducted. The discussion might include:

 Whether or not the team members worked well together and why.

 Whether the team did more or less than it forecast and why.

 Whether the team has all the skills and facilities it needs to do the job.

 Whether or not the developers understood the requirements and why.

 Whether the team was able to complete the Sprint in line with the requirements, and if not, why not?

          While observation log analysis summarizes the tasks that novices could be objectively seen doing, it does not capture all aspects of their experience. In particular, investigating how novices feel about what they do and why they do it may also be instructive. In this section, we organize and classify some of the reflections made by novices in video diary entries about their experiences. These reflections help round out the picture of the social and hierarchical newcomer issues that define the novice software developer experience.

          Scaffolding the diary questions proved helpful in getting the subjects to think about their own learning experiences in university and industry. Particularly fruitful questions are listed here:

1. The idea of the Access Credential and Credential Reader and a comparison Database of Authorized Users is the centerpiece of the concept of Access Control Systems.

2. All Access Control Systems, whether electronic or procedural, use these same elements.

3. Early Electronic Access Control Systems used a variety of different card technologies including Magnetic Stripe, Barcode, Barium Ferrite, Hollerith, Rare-Earth, a very early form of Proximity technology, and Wiegand Wire Cards. More recent card technologies utilize 125 KHz Proximity, MiFare, and 13.56 MHz Contactless Smart Cards.

4. Keypads are also still in use, although are they less common.

5. The other type of Credential and Reader is the Biometric system, which compares a physical or behavioral attribute against a previously taken sample.

          At the end of the Sprint, you and the Scrum Master meet with the developers for a Sprint Review. This meeting is never more than four hours in length. The Scrum Team and key stakeholders get together and look at what happened during the prior Sprint and the increment of functionality that emerged during it. The review includes what was done, how much was done, how effectively it was done, and the usefulness of the work. The increment must be completed, meaning the increments must be a complete piece of usable software. Product Backlog items not completely done go back into the Product Backlog as “still to be done.” New requirements often arise during the Sprint Review. New opportunities and challenges also arise. Often, just seeing the increment of functionality evokes new ideas

Biometric Access Software

          The Scrum Team now starts creating software, starting on the day immediately after the day of Sprint planning. The developers create an increment of software functionality during the first Sprint. It may be larger or smaller than they have forecast. The entire Scrum Team collaborates during the sprint, clarifying the work. The work may have to be redefined, with requirements added or removed as needed, if the Development Team finds that it has time left or the remaining time is inadequate.

      Every day during the Sprint, the developers have a 15-minute meeting, called the Daily Scrum, to re-plan their upcoming work, always striving to deliver what was forecast. To maximize developer productivity, the Sprint objective must be agreed on by both the developers and the Product Owner. They agree that they will build as much of the required software as they can and that they may be redirected with every new Sprint. The Product Owner agrees that the requirements the developers are working on will not change during a Sprint. Anything that wasn't planned (including, for example, bringing developers to customer meetings) waits for the next sprint. Developer productivity arises from not being interrupted. Employing shorter sprints usually accommodates more frequent changes.

          The first task for the Scrum Master is to find developers to form the Development Team. The people on this team need to have the skills to turn the needs and requirements of the Product Owner (Product Backlog) into working increments of software with every Sprint.

     

      All members of the Scrum Team get together for introductions, discuss the upcoming work, and lay out the logistics for working together. The Scrum Team needs to know the vision (the needed and the hoped-for outcome), what outcomes would signify success and failure, and what the constraints are. The team looks only at the most important requirements and selects the maximum number that have a high likelihood of being developed in the upcoming Sprint. (The developers are skilled at decomposing big requirements into small actionable things that they can develop in a Sprint.)

          Scrum is a framework for managing complex work, such as software development. It is very simple, consisting only of three roles, three artifacts, and five events. Scrum binds them together with rules of play.

      The team of people that will be developing the software is called the Scrum Team. It consists of the person who wants the software developed (the Product Owner), a manager (the Scrum Master), and the developers. To avoid confusion, there can be only one Product Owner. The Product Owner decides what should be developed in every iteration, or Sprint in Scrum terminology, and evaluates the incremental results at the end of every Sprint. The Scrum Master manages the project the Scrum way. Some Scrum Masters are certified in Scrum; some have significant, verifiable experience in using Scrum successfully. Knowing how to manage Scrum Teams and projects is what counts.

Biometric Access Demand Transparency

          The world is uncertain. Software development is uncertain. Decisions still need to be made, and the organization that makes the best decisions thrives. Software in 30 days provides solid, actionable information about what is happening at least every 30 days. Each iteration is a constrained gamble. Almost without fail, the team is able to develop some software of value. Even in the worst case, where the team doesn't deliver anything, they have delivered valuable information about what is and isn't possible.

      Primavera based in Philadelphia and now owned by Oracle, develops project management software. The software is used to manage predictive process projects. The founders were aware of the irony that they had to use empirical software processes to build their predictive tools. However, to solve their problems, they had to resort to it.

          You have to have a firm grasp of the real facts to make a solid decision. The data or information you base your decision on must be transparent and clearly understood. In empirical software development, the increment is the clear and transparent information that decisions are based on.

      People must feel safe to have crucial conversations, to openly express what they think and feel, and to collaborate with others without reprisal or harm. These conversations are the heart of empiricism. Many workplaces are unsafe. Political agendas and hidden purposes pervert transparency. A manager's biggest job is to create a safe workplace, where people respect one another and feel safe to do their best, whatever that is.

          The people on the teams who are doing the work are the people best equipped to figure out how to do it. That thought runs counter to most management teachings. A manager is supposed to set a goal, figure out how to accomplish it, and then get people to follow that plan. However, then everyone is constrained to the experience, insights, and intelligence of the manager as they work.

      If the people doing the work are free to devise what to do, they can adapt to the circumstances, to the realities they face. They can share ideas and expertise to come up with the best solutions. They then try an approach, and if it doesn't work, they can try something else. This is self-organization. It applies the collective intelligence of all of the people on the team. They are not constrained to the manager's thinking and are free to do their best work.

Total Cost of Attendance

          Total cost of attendance represents the entire amount of funds needed to attend college and pay all necessary expenses each year. These expenditures are not limited to tuition and your dorm room and meal plan, also known as room and board. Often print and web resources will list these amounts, but there are many other costs associated with attending college.

          Depending on your situation, you can fund your college experience with money from different sources, which include your savings, money from parents and relatives, work, student loans, scholarships, grants, and so on. It’s important to consider how you will pay for the following categories of expenses:

          This is the fee to attend classes, and it is paid prior to the start of each semester. Costs stated on the college’s official website are the most accurate and up to date, but beware: You may experience increases during your enrollment. Also, expect to be charged minor additional fees for computer, health services, and fitness facilities.

          The Net Price Calculator is a web-based tool used to estimate how much and what types of financial aid you will qualify for when attending college. As of October 1, 2011, federal law requires all colleges and universities to have the Net Price Calculator feature on their websites. To meet this requirement, some schools link to an external third-party website, such as, which completes the calculations to estimate the cost of attendance and expected financial-aid package for students and their families?

          Now that you have assessed both sides of the equation, your expenses and financial support, with the assistance of your team of family and guidance counselor, you are ready to evaluate the results.

          To make your final analysis more straightforward and even a little easier, contemplate answers to these questions while you wait to receive admissions decisions:

Overall, how does the total cost of attendance for each school compare to your financial situation?

 Which schools on your final list create the most long-term financial responsibility/stress for you and your family?

 Which schools create the least long-term financial responsibility/stress for you and your family?

Which schools agree with your vision of going to college and don’t break the bank for you and your family?