School of Computer and Information Science, Edith Cowan University, Perth, Western Australia
A facility wide security system cannot be tested without causing disruption or creating vulnerabilities within the system. To overcome this issue, individual components or equipment may be evaluated to a priori performance standard. The two common approaches to security equipment evaluations are vulnerability attacks and laboratory testing. Laboratory testing of security equipment can reduce the costs and time associated with evaluations, as well as limiting the subjectivity of the tests. Vulnerability attacks will produce more realistic evaluation results of the whole security system; nevertheless, the data obtained is dependent on the physical attributes and skill of the attackers. This study ascertained what methodology, namely laboratory testing or vulnerability testing, was the most effective. To achieve this, both testing methodologies were applied to security padlocks with expert validation. The study confirmed that if security equipment has been laboratory tested to a designed priori performance level, the degree of security vulnerability can be effectively identified. As the security padlocks demonstrated, the high level achieved in the laboratory tests correlated with a high delay factor in vulnerability testing. Such an approach to security equipment testing resulted in a reliable and valid quantitative data set that could be applied at a later stage to other similar equipment. Nevertheless, it is suggested that when considering a facility wide security system, some degree of both laboratory and vulnerability testing has to be applied as they are complimentary.