Biotech Research Campus - Physical Security PASTA Walkthrough
This case study demonstrates threat modeling applied to a physical facility rather than a software system. Physical spaces present their own distinct challenges: you can’t patch a door, attackers have bodies that move through three-dimensional space, and the assets you’re protecting might be dangerous themselves.
Physical security threat modeling uses the same structured thinking as its digital counterpart, but the threats, controls, and tradeoffs are different. A SQL injection can’t steal a vial of experimental pathogens, but a tailgater absolutely can. This walkthrough shows how PASTA methodology adapts when the attack surface is measured in square feet rather than lines of code.
The Facility: Axiom BioLabs Research Campus
Axiom BioLabs operates a 45-acre research campus in suburban Massachusetts, focusing on infectious disease therapeutics and vaccine development. Think of it as the kind of place where scientists in white coats do genuinely important work that also happens to involve genuinely dangerous materials.
| Attribute | Detail |
|---|---|
| Organization | Mid-sized biotech company (pre-revenue, Series D funded) |
| Campus Size | 45 acres with 6 buildings |
| Employee Population | ~800 employees across research, manufacturing, and administration |
| Key Functions | Drug discovery, preclinical research, early-stage manufacturing, administrative operations |
| Biosafety Levels | BSL-2 (most labs), BSL-3 (one containment facility) |
| Controlled Substances | DEA Schedule II-IV materials for research |
| Regulatory Context | FDA (21 CFR Part 11), DEA, CDC Select Agent Program, OSHA, local fire codes |
| Total Facility Investment | ~$350M in buildings and equipment |
The campus houses several distinct operational areas. The main research building contains BSL-2 laboratories where most day-to-day work happens. A separate high-containment building houses the BSL-3 facility for work with more dangerous pathogens. The pilot manufacturing building produces small batches of drug candidates for clinical trials. Administrative functions occupy a conventional office building. Support facilities include a vivarium (animal research), a central utilities plant, and a data center.
What makes this threat model interesting is the variety of assets requiring protection. Intellectual property lives in both digital form (research data) and physical form (laboratory notebooks, biological samples). Some materials are valuable because competitors would want them. Other materials are valuable because terrorists might want them. Still others are dangerous primarily to the people working with them. The security program must address all three concerns without making the facility so locked down that research becomes impossible.
Stage 1: Define Business Objectives
Axiom exists in an unusual business position. They’ve raised $280M in venture capital to develop therapeutics they hope will eventually generate billions in revenue, but right now they generate exactly zero dollars. Their value is entirely prospective, stored in the form of intellectual property, research capabilities, and a pipeline of drug candidates. Protecting that value is existential.
Business Drivers
The company’s primary asset is its research pipeline. Three drug candidates are in various stages of preclinical and early clinical development. The most advanced, HX-401 (an antiviral), represents roughly $180M in cumulative R&D investment and is projected to reach Phase II trials within 18 months. If that program succeeds, the company’s valuation could increase by billions. If it fails—or if the underlying research is stolen, compromised, or destroyed—the company might not survive.
Talent is the second critical asset. The 400 scientists working at Axiom represent decades of specialized expertise. Many came from major pharmaceutical companies or academic institutions and took career risks to join a startup. Keeping them safe, productive, and confident in the security of their work environment matters both ethically and economically.
The physical infrastructure itself represents substantial investment. The BSL-3 facility alone cost $85M to construct and certify. Specialized equipment throughout the campus (mass spectrometers, gene sequencers, fermentation systems) represents another $120M. This equipment can’t be quickly replaced, and some is custom-built for Axiom’s specific research programs.
Security Objectives
| Priority | Objective | Rationale |
|---|---|---|
| Primary | Protect personnel safety | Moral obligation; also existential risk if serious injury occurs in containment area |
| Primary | Prevent release of dangerous biological materials | Regulatory, safety, and reputational catastrophe |
| Secondary | Protect intellectual property | Company valuation depends on research remaining proprietary |
| Secondary | Maintain regulatory compliance | Operating licenses depend on security controls |
| Tertiary | Protect physical assets from theft or damage | Expensive but ultimately replaceable |
| Tertiary | Ensure operational continuity | Research timelines are aggressive; delays are costly |
Note that personnel safety and biosafety outrank intellectual property protection. This reflects both ethical priorities and practical reality: a serious biosafety incident would likely end the company regardless of whether IP was protected.
Consequence of Failure
Different failure modes have vastly different consequences. Let’s quantify them.
Biosafety Incident (Pathogen Release)
If dangerous pathogens escape the BSL-3 facility due to security failure (rather than procedural failure), consequences include:
| Impact Type | Estimated Cost |
|---|---|
| Immediate response and containment | $5-20M |
| Regulatory investigation and potential facility shutdown | $10-50M (or permanent closure) |
| Litigation from affected parties | $50-500M depending on harm |
| Criminal liability for executives | Possible |
| Reputation destruction | Company-ending |
| Total Potential Exposure | $100M to company failure |
The existential nature of this risk justifies significant investment in containment security. Even a near-miss that becomes public could trigger regulatory action and destroy investor confidence.
Intellectual Property Theft
If a competitor obtains Axiom’s research data or biological samples:
| Impact Type | Estimated Cost |
|---|---|
| Competitive advantage loss | Unquantifiable but potentially billions in future revenue |
| Investor confidence impact | 30-50% valuation reduction |
| Legal costs pursuing thieves | $5-20M |
| R&D restart costs if samples lost | $20-100M depending on program |
The challenge with IP theft is that you might not know it happened. A competitor with stolen data can simply develop “independently” and Axiom may never prove infringement.
Controlled Substance Theft
The DEA-scheduled materials on site (primarily for research purposes) are valuable on the black market:
| Impact Type | Estimated Cost |
|---|---|
| DEA investigation and potential license revocation | $10-50M (loss of ability to conduct certain research) |
| Fines and penalties | $1-10M |
| Reputation damage | Moderate |
Workplace Violence or Terrorism
A violent incident targeting the facility:
| Impact Type | Estimated Cost |
|---|---|
| Human casualties | Incalculable |
| Facility damage | $10-100M depending on scope |
| Psychological impact on workforce | Long-term productivity loss |
| Litigation | $20-100M |
Risk Appetite
| Risk Type | Tolerance | Justification |
|---|---|---|
| Pathogen release (security-related) | Zero | Existential; regulatory; moral |
| Personnel injury from security failure | Zero | Moral and legal obligation |
| IP theft (major program) | Very Low | Core value proposition at stake |
| IP theft (minor program) | Low | Painful but survivable |
| Controlled substance diversion | Very Low | DEA license critical |
| Facility damage (recoverable) | Low | Insurance helps; still costly |
| Facility damage (BSL-3) | Zero | Cannot be quickly rebuilt |
| Operational disruption (<1 week) | Low | Annoying but manageable |
| Operational disruption (>1 week) | Very Low | Timeline impacts cascade |
Key Stakeholders
| Role | Responsibility |
|---|---|
| CEO | Overall risk acceptance, board communication |
| Chief Scientific Officer | Research priorities, lab safety culture |
| VP of Facilities & Security | Physical security program, facility operations |
| Biosafety Officer | Regulatory compliance, containment protocols |
| General Counsel | Legal risk, regulatory liaison |
| CFO | Insurance, security investment decisions |
| HR Director | Employee screening, insider threat awareness |
| Head of Manufacturing | Pilot plant security, process integrity |
Stage 2: Define Technical Scope
Physical security has a different “attack surface” than software, but the concept applies. Every door, window, fence line, and loading dock is a potential entry point. Every employee, contractor, and visitor is a potential threat vector. Every valuable or dangerous item is a potential target.
Campus Layout
The 45-acre campus is organized into zones based on security requirements:
Zone 1: Perimeter (Low Security) The campus is bounded by an 8-foot fence with vehicle gates at two entrances. The perimeter provides deterrence and delay but isn’t intended to stop a determined attacker. Visitor parking is outside the fence; employee parking is inside.
Zone 2: General Campus (Standard Security) This includes outdoor areas, the administrative building, the cafeteria, and common spaces. Badge access is required to enter this zone, but once inside, movement is relatively unrestricted.
Zone 3: Research Buildings (Enhanced Security) The main research building and pilot manufacturing facility require secondary badge access. Visitors must be escorted. Cameras cover corridors and common areas.
Zone 4: High-Value Labs (High Security) Specific laboratories containing high-value samples, controlled substances, or sensitive equipment have individual access controls. Entry requires both badge and PIN, and is logged to specific individuals.
Zone 5: Containment (Maximum Security) The BSL-3 facility has its own dedicated building with multiple layers of access control, biometric verification, airlock entry, and 24/7 monitoring. Only specifically trained and authorized personnel may enter.
Building Inventory
| Building | Function | Security Zone | Key Assets/Risks |
|---|---|---|---|
| Building A | Administration | Zone 2-3 | Personnel records, financial data, executive offices |
| Building B | Main Research | Zone 3-4 | Research labs, biological samples, lab notebooks, controlled substances |
| Building C | BSL-3 Containment | Zone 5 | Dangerous pathogens, specialized containment equipment |
| Building D | Pilot Manufacturing | Zone 3-4 | Drug candidates, process equipment, batch records |
| Building E | Vivarium | Zone 3-4 | Research animals, experimental data |
| Building F | Utilities/Data Center | Zone 3 | Critical infrastructure, backup power, servers |
Personnel Categories
| Category | Population | Access Level | Trust Level | Screening |
|---|---|---|---|---|
| Executive Leadership | 15 | All zones | Highest | Background check + financial |
| Senior Scientists | 80 | Zones 1-4, some Zone 5 | High | Background + reference + credentials |
| Research Staff | 320 | Zones 1-4, limited Zone 5 | Medium-High | Background + reference |
| Manufacturing Staff | 120 | Zones 1-4 (Building D) | Medium-High | Background + drug test |
| Administrative Staff | 180 | Zones 1-3 | Medium | Background check |
| Facilities/Security | 40 | All zones | High | Background + drug test |
| Contractors (regular) | ~50 | Varies | Medium | Background, sponsor required |
| Contractors (occasional) | ~100/year | Escorted only | Low | Visitor protocols |
| Visitors | ~500/year | Escorted only | None assumed | Sign-in + escort |
Physical Security Systems
| System | Function | Coverage |
|---|---|---|
| Perimeter fence | Deterrence, delay | Campus boundary |
| Vehicle gates | Access control, vehicle screening | Two entry points |
| Badge readers | Access control, logging | All buildings, sensitive areas |
| Biometric scanners | Enhanced identity verification | Zone 5 |
| CCTV | Surveillance, investigation | 180 cameras campus-wide |
| Intrusion detection | Alarm on unauthorized entry | Zone 4-5 areas, after hours |
| Security officers | Response, patrol, reception | 24/7 presence, 12 FTE (once round-the-clock coverage is divided among them, fewer than three officers are on post at any one time) |
| Visitor management | Tracking, escort coordination | Main reception |
| Key management | Mechanical lock control | Legacy areas |
| Safes/vaults | High-value item storage | Multiple locations |
Regulatory Requirements
Physical security isn’t optional in this environment—it’s mandated:
| Regulation | Requirement | Applies To |
|---|---|---|
| CDC Select Agent Program | Security plan, personnel screening, access controls, incident reporting | BSL-3 facility |
| DEA (21 CFR 1301) | Controlled substance storage, access logs, inventory reconciliation | Schedule II-IV materials |
| FDA (21 CFR Part 11) | Data integrity, access controls | Electronic records |
| OSHA | Workplace safety, emergency procedures | Entire facility |
| Local Fire Code | Emergency egress, suppression systems | All buildings |
| NIST SP 800-53 (via contracts) | Information security controls | Data center |
Failure to meet these requirements can result in loss of operating licenses, making regulatory compliance a business continuity issue, not just a compliance checkbox.
Stage 3: Decomposition and Asset Analysis
Rather than data flow diagrams, physical security analysis maps movement patterns, asset locations, and access pathways.
Asset Inventory
Category 1: Dangerous Materials
| Asset | Location | Value to Attacker | Protection Required |
|---|---|---|---|
| BSL-3 pathogens | Building C | Bioterrorism potential | Maximum containment |
| BSL-2 biological samples | Building B | Limited | Standard lab security |
| Controlled substances | Building B vault | Black market value | DEA-compliant storage |
| Chemical hazards | Multiple | Sabotage potential | Standard chemical hygiene |
Category 2: Intellectual Property
| Asset | Location | Value to Attacker | Protection Required |
|---|---|---|---|
| HX-401 research data | Data center + labs | Competitive intelligence | High |
| Biological samples (proprietary strains) | Building B freezers | IP theft | High |
| Laboratory notebooks | Building B | Legal evidence, IP | Medium-High |
| Pilot batch materials | Building D | Process intelligence | Medium |
| Clinical trial preparations | Building D vault | Competitive, safety | High |
Category 3: People
| Asset | Risk Profile | Protection Considerations |
|---|---|---|
| Executive leadership | Kidnapping, targeted violence | Executive protection awareness |
| Key scientists | Recruitment by competitors, coercion | Insider threat awareness |
| BSL-3 personnel | Coercion for access | Enhanced screening, monitoring |
| All personnel | Workplace violence, terrorism | General security measures |
Category 4: Physical Infrastructure
| Asset | Impact if Damaged | Recovery Time |
|---|---|---|
| BSL-3 facility | Existential | 3-5 years to rebuild |
| Main research building | Severe | 1-2 years |
| Data center | Severe | 3-6 months |
| Utilities plant | Moderate | 1-3 months |
| Pilot manufacturing | Moderate | 6-12 months |
Access Pathway Analysis
Attackers must physically move through space to reach targets. Understanding pathways reveals chokepoints for control.
Path to BSL-3 Facility (Building C):
Public Road → Perimeter Gate (badge or visitor check-in) →
Campus Road → Building C Exterior (no public entrance) →
Building C Lobby (badge) → Gowning Area (badge + PIN) →
Airlock 1 (biometric + PIN) → Shower/Change →
Airlock 2 (buddy system, camera verification) → BSL-3 Suite
Five distinct access control points (perimeter gate, Building C lobby, gowning area, and two airlocks), three different authentication factors (badge, PIN, biometric), and mandatory two-person entry for the final stage. This defense-in-depth approach means an attacker would need to defeat multiple independent systems.
Path to Controlled Substance Vault:
Public Road → Perimeter Gate → Building B (badge) →
Research Wing (badge) → Secure Storage Area (badge + PIN) →
Vault Room (key + combination, two-person rule)
The two-person rule for vault access is meant to ensure that no single insider can divert materials undetected; it protects only to the extent that it is enforced on every entry, including off-hours.
Path to Data Center:
Public Road → Perimeter Gate → Building F (badge) →
Data Center Corridor (badge + biometric) → Server Room (mantrap)
Trust Boundary Analysis
Physical trust boundaries map to the zone structure:
| Boundary | Trust Transition | Key Controls |
|---|---|---|
| Perimeter → Campus | Outsider → Checked visitor or employee | Gate security, badge verification |
| Campus → Research Buildings | General access → Authorized research | Badge readers, reception |
| Research Areas → High-Value Labs | Authorized → Specifically authorized | Badge + PIN, logging |
| General Campus → BSL-3 | Any → Specifically trained and cleared | Biometrics, airlocks, escort |
| External → Data Center | Any → Authorized IT | Badge + biometric, mantrap |
Each boundary crossing should require positive verification appropriate to the trust level difference.
Stage 4: Threat Analysis
Physical threats come from different sources than digital threats, though some attackers might use both vectors. Let’s identify who might attack, why, and how.
Threat Actor Analysis
External Threat Actors
| Actor | Motivation | Capability | Primary Targets |
|---|---|---|---|
| Competitor Intelligence | Steal IP, understand research direction | Medium (may use insiders) | Research data, samples |
| Criminal (Theft) | Controlled substances, saleable equipment | Low-Medium | Drug vault, portable equipment |
| Activist/Protest | Disrupt operations, media attention | Low-Medium | Vivarium, visible areas |
| Terrorist | Biological weapons acquisition | Medium-High | BSL-3 pathogens |
| Nation-State | Strategic intelligence, sabotage | High | All valuable assets |
| Random Opportunist | Whatever they can grab | Low | Unlocked items, tailgating |
Internal Threat Actors
| Actor | Motivation | Capability | Primary Targets |
|---|---|---|---|
| Disgruntled Employee | Revenge, sabotage | High (has access) | Systems they can reach |
| Financially Motivated Insider | Money | High | Saleable items, bribery |
| Ideologically Motivated Insider | “Greater good” | High | Data, samples |
| Negligent Employee | None (careless) | High | Accidental exposure |
| Coerced Employee | Protecting self/family | High | Whatever demanded |
Attack Methodology Analysis
Unlike software attacks, physical attacks require the attacker to be present (usually). This creates different dynamics.
Unauthorized Entry Methods:
| Method | Difficulty | Countermeasure |
|---|---|---|
| Tailgating | Easy | Anti-tailgating training, turnstiles |
| Stolen/cloned badge | Medium | Multi-factor authentication, photo verification |
| Social engineering | Medium | Visitor protocols, awareness training |
| Forced entry (fence) | Medium | CCTV, patrols, intrusion detection |
| Forced entry (door) | Hard | Hardened doors, alarms, response |
| Covert entry (climbing, etc.) | Hard | Sensor coverage, lighting, patrols |
| Deception (fake identity) | Medium | Verification procedures |
Asset Access Methods:
| Method | Difficulty | Countermeasure |
|---|---|---|
| Legitimate access abuse | Easy (if authorized) | Logging, monitoring, two-person rules |
| Credential theft | Medium | Multi-factor, behavioral monitoring |
| Bypass of electronic locks | Hard | Tamper detection, redundant systems |
| Safe cracking | Hard | Quality safes, alarms |
| After-hours intrusion | Medium | Intrusion detection, patrols |
STRIDE-Adjacent Analysis for Physical Security
STRIDE doesn’t map perfectly to physical security, but we can adapt the thinking:
Spoofing (Identity Deception)
- THR-001: Tailgating through badge-controlled doors
- THR-002: Using a lost or stolen badge
- THR-003: Cloning badge credentials
- THR-004: Impersonating contractor or vendor
- THR-005: Social engineering reception staff
Tampering (Physical Modification)
- THR-006: Sabotage of research samples
- THR-007: Contamination of materials
- THR-008: Modification of laboratory equipment
- THR-009: Tampering with safety systems
- THR-010: Vandalism affecting operations
Repudiation (Denying Actions)
- THR-011: Gaps in access logs that let a person plausibly deny having entered an area
- THR-012: Camera blind spots enabling unattributed activity
- THR-013: Shared credentials preventing individual accountability
- THR-014: Inadequate chain of custody for samples
Information Disclosure (Observation/Theft)
- THR-015: Theft of laboratory notebooks
- THR-016: Theft of biological samples
- THR-017: Photography of sensitive documents/screens
- THR-018: Eavesdropping on sensitive conversations
- THR-019: Dumpster diving for discarded documents
- THR-020: Shoulder surfing access codes
Denial of Service (Disruption)
- THR-021: Physical damage to facility
- THR-022: Utility disruption (power, water, HVAC)
- THR-023: Bomb threat causing evacuation
- THR-024: Protest blocking access
- THR-025: Sabotage of critical equipment
Elevation of Privilege (Unauthorized Access Expansion)
- THR-026: Tailgating into higher-security zone
- THR-027: Exploiting badge with excessive permissions
- THR-028: Using someone else’s credentials for higher access
- THR-029: Manipulating access control system
- THR-030: Coercing higher-privileged employee
Scenario-Based Threat Analysis
Scenario 1: Competitor-Sponsored IP Theft
A competitor hires a “headhunter” who recruits a mid-level scientist. During the “interview process,” the scientist is persuaded to bring samples and data to demonstrate their expertise. The scientist uses their legitimate access to remove materials, believing they’re just sharing their own work.
Threats involved: THR-016, THR-017, insider threat
Detection challenges: The scientist has legitimate access; the theft looks like normal work activity until materials leave the facility.
Scenario 2: Activist Intrusion into Vivarium
Animal rights activists conduct surveillance, identify delivery schedules, and plan an intrusion. During an early-morning delivery, activists follow the truck through the vehicle gate, then scatter across campus. Some attempt to enter Building E (vivarium) while others create distractions elsewhere.
Threats involved: THR-001, THR-024, THR-021
Detection challenges: Multiple simultaneous events strain response resources; activists may film their own activity for propaganda regardless of whether they achieve objectives.
Scenario 3: Insider Controlled Substance Diversion
A laboratory technician with vault access develops a substance abuse problem. They begin taking small quantities of controlled substances, relying on their knowledge of inventory procedures to avoid detection. Over months, cumulative losses become significant.
Threats involved: Insider threat, THR-013, THR-014
Detection challenges: Slow accumulation below detection thresholds; trusted insider knows exactly how to avoid triggering alerts.
Scenario 4: Nation-State Targeting of BSL-3
A foreign intelligence service identifies Axiom’s BSL-3 facility as containing pathogens of interest for bioweapon research. They recruit a cleaning contractor, provide training, and direct them to photograph the facility layout and access control systems. Later phases might involve actual material acquisition.
Threats involved: THR-004, THR-017, potential THR-016
Detection challenges: Sophisticated adversary with patience; cleaning staff have broad physical access even without high-security clearance.
Scenario 5: Disgruntled Employee Sabotage
An employee passed over for promotion decides to damage the HX-401 program. They have legitimate access to the relevant laboratories and understand which samples are irreplaceable. During a night shift, they enter the sample storage area and destroy critical biological materials.
Threats involved: THR-006, insider threat
Detection challenges: Legitimate access, technical knowledge of what matters; may not trigger any alarms until damage is discovered.
Threat Summary (Top 25 by Risk Score)
| ID | Threat | Category | L (1-5) | I (1-5) | Risk (L×I) |
|---|---|---|---|---|---|
| THR-016 | Theft of proprietary biological samples | Info Disclosure | 3 | 5 | 15 |
| THR-006 | Sabotage of research samples (insider) | Tampering | 3 | 5 | 15 |
| THR-001 | Tailgating through controlled doors | Spoofing | 5 | 3 | 15 |
| THR-032 | Controlled substance diversion (insider) | Theft | 3 | 4 | 12 |
| THR-015 | Laboratory notebook theft | Info Disclosure | 3 | 4 | 12 |
| THR-005 | Social engineering reception staff | Spoofing | 4 | 3 | 12 |
| THR-017 | Photography of sensitive materials | Info Disclosure | 4 | 3 | 12 |
| THR-033 | Insider data exfiltration | Info Disclosure | 3 | 4 | 12 |
| THR-002 | Use of lost/stolen badge | Spoofing | 4 | 3 | 12 |
| THR-031 | BSL-3 unauthorized access attempt | Elevation | 2 | 5 | 10 |
| THR-022 | Utility disruption (power, water, HVAC) | DoS | 2 | 5 | 10 |
| THR-023 | Bomb threat evacuation | DoS | 3 | 3 | 9 |
| THR-004 | Contractor impersonation | Spoofing | 3 | 3 | 9 |
| THR-034 | After-hours unauthorized presence | Various | 3 | 3 | 9 |
| THR-024 | Protest causing operational disruption | DoS | 3 | 3 | 9 |
| THR-012 | Camera coverage gaps | Repudiation | 3 | 3 | 9 |
| THR-011 | Incomplete access logging | Repudiation | 3 | 3 | 9 |
| THR-019 | Dumpster diving for documents | Info Disclosure | 4 | 2 | 8 |
| THR-020 | Shoulder surfing access codes | Info Disclosure | 4 | 2 | 8 |
| THR-009 | Safety system tampering | Tampering | 2 | 4 | 8 |
| THR-008 | Laboratory equipment sabotage | Tampering | 2 | 4 | 8 |
| THR-003 | Badge cloning | Spoofing | 2 | 4 | 8 |
| THR-035 | Coerced employee access | Elevation | 2 | 4 | 8 |
| THR-036 | Cyber-physical attack (access control compromise) | Various | 2 | 4 | 8 |
| THR-037 | Vehicle-borne threat | Violence | 1 | 5 | 5 |
Likelihood and impact are each scored 1-5 and the risk score is their product. THR-031 through THR-037 do not appear in the STRIDE lists above and are defined only by their entries in this table.
Stage 5: Vulnerability and Weakness Analysis
Physical security vulnerabilities are often visible to anyone who looks. A gap in the fence is a vulnerability. An unlocked door is a vulnerability. Unlike software, you can often assess physical security by walking around with your eyes open.
Security Assessment Findings
Perimeter Security
| Finding | Weakness | Related Threat |
|---|---|---|
| Fence sections obscured by landscaping | Limited visibility, delayed detection | THR-034 |
| Vehicle gate remains open for extended periods during busy times | Easy vehicle tailgating | THR-001 |
| Pedestrian gates lack anti-tailgating mechanisms | Multiple people can enter on one badge | THR-001 |
| Camera coverage gaps at perimeter corners | Unmonitored entry points | THR-012 |
Access Control
| Finding | Weakness | Related Threat |
|---|---|---|
| Badge-only access at most Zone 3 doors | Single factor, easily bypassed if badge stolen | THR-002, THR-003 |
| No formal anti-tailgating training | Staff uncomfortable challenging followers | THR-001 |
| Contractor badges not visually distinct | Can’t quickly identify who should be escorted | THR-004 |
| Some legacy doors still use mechanical keys | Key control incomplete, no logging | THR-011 |
| Terminated employee badge revocation delayed (avg 8 hours) | Window for unauthorized access after termination | THR-038 |
Controlled Substance Storage
| Finding | Weakness | Related Threat |
|---|---|---|
| Two-person rule sometimes bypassed during off-hours | Single-person access possible | THR-032 |
| Inventory reconciliation only monthly | Diversion detection delayed | THR-032 |
| Security cameras in vault room older model | Lower resolution, storage limited | THR-012 |
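Scenario 3 and the monthly-reconciliation finding above describe the same failure mode: diversion in amounts that never exceed any single count's tolerance. The following added example (not part of the original case study, all records constructed) shows why a per-count threshold misses that pattern and how a one-sided CUSUM over the unexplained shortfall accumulates it and alarms. The balance figures, tolerance, and CUSUM parameters are illustrative assumptions.

```python
"""One-sided CUSUM over controlled-substance reconciliation shortfalls (added example).

Scenario 3 describes diversion in amounts that never exceed any single count's
tolerance. A per-count threshold misses it; a cumulative-sum detector adds up the
unexplained shortfall and alarms once the running sum passes a decision limit.
All records below are constructed for illustration, not Axiom inventory data.
"""

START_MG = 500.0  # opening balance of the vial (constructed)

# Constructed daily reconciliation records: (day, dispensed_mg_per_log, measured_balance_mg).
# Balance measurements carry roughly +-2 mg of noise. From day 4 onward the technician
# diverts about 3.5 mg per day, always below a 6 mg per-count tolerance.
RECORDS = [
    (1, 20.0, 481.5), (2, 15.0, 465.0), (3, 25.0, 441.0),
    (4, 10.0, 427.5), (5, 20.0, 404.0), (6, 15.0, 385.5),
    (7, 20.0, 362.0), (8, 10.0, 348.5), (9, 25.0, 320.0), (10, 15.0, 301.5),
]

def shortfalls(records, start_mg):
    """Per-count unexplained shortfall: (previous measured - logged dispensing) - measured now."""
    prev, out = start_mg, []
    for day, dispensed, measured in records:
        out.append((day, (prev - dispensed) - measured))
        prev = measured  # re-baseline on the measured value, as a real count does
    return out

def threshold_alerts(shortfall_series, tol_mg):
    """Days on which a naive per-count check would have alarmed."""
    return [day for day, x in shortfall_series if x > tol_mg]

def cusum_alarm(shortfall_series, k_mg, h_mg):
    """One-sided CUSUM: S_n = max(0, S_{n-1} + x_n - k). Returns (alarm_day, S) or (None, S).

    k (reference value) absorbs measurement noise so random fluctuation decays back
    to zero; h (decision limit) is how much cumulative loss is tolerated before alarming.
    Both are tuned to the scale's noise and the acceptable false-alarm rate.
    """
    s = 0.0
    for day, x in shortfall_series:
        s = max(0.0, s + (x - k_mg))
        if s > h_mg:
            return day, s
    return None, s

if __name__ == "__main__":
    series = shortfalls(RECORDS, START_MG)
    print("per-count alerts at 6 mg tolerance:", threshold_alerts(series, 6.0))  # []
    print("CUSUM alarm (k=1 mg, h=9 mg):", cusum_alarm(series, 1.0, 9.0))       # (7, 10.0)
    print("total unexplained loss by day 10:", round(sum(x for _, x in series), 1), "mg")
```

On the constructed data the per-count check never fires, while the CUSUM alarms on day 7 with about 13 mg already gone. A monthly reconciliation, as in the finding above, would see only the month-end total, and only if the technician's own adjustments to the log did not absorb it; the detector is only as good as the independence of the weight measurement from the person being watched.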
BSL-3 Facility
| Finding | Weakness | Related Threat |
|---|---|---|
| Biometric system has 3% false acceptance rate | Roughly one impostor attempt in 33 succeeds, about a 26% chance across ten tries; far too high for a maximum-security control | THR-031 |
| After-hours access logged but not actively monitored | Anomalous access might not be noticed | THR-034 |
| Emergency exit leads directly to exterior | Egress bypasses the logged exit path; unless the door is alarmed and camera-covered it is also an unmonitored entry point. Fire code requires the exit, so the control is alarm and coverage, not removal | THR-031 |
Information Protection
| Finding | Weakness | Related Threat |
|---|---|---|
| Laboratory notebooks stored in unlocked cabinets | Easy theft opportunity | THR-015 |
| No policy on photographing whiteboards/screens | IP casually captured | THR-017 |
| Confidential waste bins not secured | Dumpster diving possible | THR-019 |
| Visitor escorts frequently distracted | Photography opportunities | THR-017 |
Personnel Security
| Finding | Weakness | Related Threat |
|---|---|---|
| Background checks not repeated after initial hire | Long-term employees not re-verified | Insider threats |
| No behavioral monitoring or anomaly detection | Insider threats detected late | THR-006, THR-032 |
| Inadequate offboarding procedures | Access persists after departure | THR-038 |
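Several of the findings above (delayed badge revocation, after-hours Zone 5 access that is logged but not reviewed, the off-hours two-person-rule bypass at the vault, badges with more permissions than the holder's role, and tailgating at the gates) are all detectable from the access control system's own event log. The following is an added example, not Axiom code or data: the roster, reader names, zone assignments, and log lines are constructed to show what a nightly review of one day's granted events would flag.

```python
"""Badge-log review for the Stage 5 access-control findings (added example).

All roster and log data below are constructed for illustration; they are not
Axiom records and the reader names are assumptions. Each check maps to a finding:
  POST_TERMINATION     badge used after the holder's termination time
  EXCESS_PERMISSION    badge admitted to a zone its holder's role is not cleared for (THR-027)
  AFTER_HOURS_ZONE5    Zone 5 entry between 20:00 and 06:00, queued for human review
  VAULT_SINGLE_PERSON  vault reader used with no second badge within 60 s (two-person rule)
  NO_PERIMETER_BADGE   building entry with no perimeter badge-in that day (tailgating indicator)
"""
from datetime import datetime, timedelta

# Constructed HR roster: badge -> (role, termination time or None)
ROSTER = {
    "B1001": ("research staff", None),
    "B1002": ("research staff", datetime(2024, 3, 4, 10, 0)),  # terminated at 10:00
    "B2001": ("BSL-3 scientist", None),
    "B3001": ("lab technician", None),
    "B4001": ("administrative staff", None),
}
# Zones each role should hold, simplified from the Stage 2 personnel table.
ROLE_ZONES = {
    "research staff": {1, 2, 3, 4},
    "BSL-3 scientist": {1, 2, 3, 4, 5},
    "lab technician": {1, 2, 3, 4},
    "administrative staff": {1, 2, 3},
}
PERIMETER_READERS = {"GATE-N", "GATE-S"}
VAULT_READERS = {"B-VAULT"}
TWO_PERSON_WINDOW = timedelta(seconds=60)
AFTER_HOURS_START, AFTER_HOURS_END = 20, 6  # 20:00 .. 06:00 local

# Constructed access-granted events for one day: (timestamp, badge, reader, zone)
LOG = [
    (datetime(2024, 3, 4, 7, 55), "B1001", "GATE-N", 1),
    (datetime(2024, 3, 4, 8, 2), "B1001", "BLDG-B-MAIN", 3),
    (datetime(2024, 3, 4, 8, 5), "B3001", "BLDG-B-MAIN", 3),        # no gate event: tailgated the gate
    (datetime(2024, 3, 4, 8, 10), "B3001", "B-VAULT", 4),
    (datetime(2024, 3, 4, 8, 10, 20), "B1001", "B-VAULT", 4),       # second person within 60 s: fine
    (datetime(2024, 3, 4, 8, 30), "B4001", "GATE-N", 1),
    (datetime(2024, 3, 4, 13, 0), "B4001", "B-LAB-204", 4),         # admin badge admitted to Zone 4
    (datetime(2024, 3, 4, 14, 30), "B1002", "BLDG-B-MAIN", 3),      # 4.5 h after termination
    (datetime(2024, 3, 4, 22, 40), "B2001", "GATE-N", 1),
    (datetime(2024, 3, 4, 22, 48), "B2001", "C-AIRLOCK-1", 5),      # after hours in Zone 5
    (datetime(2024, 3, 4, 23, 5), "B3001", "B-VAULT", 4),           # alone at the vault
]

def after_hours(ts):
    return ts.hour >= AFTER_HOURS_START or ts.hour < AFTER_HOURS_END

def review(log, roster):
    """Return [(alert_type, badge, reader, timestamp)] for a day's granted events."""
    log = sorted(log)
    alerts, no_gate_flagged = [], set()
    for ts, badge, reader, zone in log:
        role, terminated = roster.get(badge, ("unknown", None))
        if terminated is not None and ts > terminated:
            alerts.append(("POST_TERMINATION", badge, reader, ts))
        if zone not in ROLE_ZONES.get(role, set()):  # unknown roles are cleared for nothing
            alerts.append(("EXCESS_PERMISSION", badge, reader, ts))
        if zone == 5 and after_hours(ts):
            alerts.append(("AFTER_HOURS_ZONE5", badge, reader, ts))
        if reader in VAULT_READERS:
            companions = [b for t, b, r, _ in log
                          if r == reader and b != badge and abs(t - ts) <= TWO_PERSON_WINDOW]
            if not companions:
                alerts.append(("VAULT_SINGLE_PERSON", badge, reader, ts))
        if reader not in PERIMETER_READERS and (badge, ts.date()) not in no_gate_flagged:
            gated = any(b == badge and r in PERIMETER_READERS and t.date() == ts.date() and t <= ts
                        for t, b, r, _ in log)
            if not gated:  # flagged once per badge per day to keep the report readable
                no_gate_flagged.add((badge, ts.date()))
                alerts.append(("NO_PERIMETER_BADGE", badge, reader, ts))
    return alerts

if __name__ == "__main__":
    for kind, badge, reader, ts in review(LOG, ROSTER):
        print(f"{ts:%H:%M:%S}  {kind:20s} badge={badge} reader={reader}")
```

Two points worth noting. The NO_PERIMETER_BADGE check depends on the perimeter gate actually recording individual badge-ins; while the vehicle gate stands open during busy periods (another finding above) every employee will appear to have tailgated, so that check is only useful once the gate behaviour is fixed. And the two-person check as written only confirms that a second badge was presented; it cannot tell whether the second person stayed, which is why the finding pairs it with camera review.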
Penetration Testing Results
A physical penetration test was conducted by a third-party security firm:
| Status | Finding |
|---|---|
| Critical | Tester tailgated through vehicle gate and reached Building B unchallenged |
| High | Tester obtained temporary badge by posing as HVAC contractor; no verification call made |
| High | Tester photographed laboratory notebooks through window in locked door |
| Medium | Tester found discarded documents containing research data in external dumpster |
| Medium | Tester shoulder-surfed PIN codes at three different locations |
| Low | Several exterior doors propped open by smokers |
Stage 6: Attack Modeling
Attack trees for physical security show how an attacker moves through space to reach objectives.
Attack Tree 1: Steal Proprietary Biological Samples
Goal: Exfiltrate biological samples from the HX-401 research program
Steal HX-401 Samples
├── 1. External Attacker - Forced Entry
│ ├── 1.1 Breach perimeter fence
│ │ └── Must defeat alarm sensors, cameras, patrol response
│ ├── 1.2 Enter Building B
│ │ └── Must defeat door locks, intrusion detection
│ ├── 1.3 Access freezer room
│ │ └── Must defeat badge + PIN, cameras
│ └── 1.4 Locate and remove samples
│ └── Must defeat inventory controls, conceal exit
│
├── 2. External Attacker - Deception
│ ├── 2.1 Obtain badge through social engineering
│ │ └── Pose as contractor, temp, or new employee
│ ├── 2.2 Access Building B
│ │ └── Must appear to belong, avoid questions
│ ├── 2.3 Access freezer room
│ │ └── Tailgate or obtain PIN through observation
│ └── 2.4 Remove samples
│ └── Conceal in bag, exit normally
│
├── 3. Insider - Legitimate Access
│ ├── 3.1 Employee with freezer room access
│ ├── 3.2 Remove samples during normal work
│ └── 3.3 Conceal and exfiltrate
│ └── Personal bag, delivery packaging, etc.
│
├── 4. Insider - Exceeded Access
│ ├── 4.1 Employee without freezer access
│ ├── 4.2 Tailgate or social engineer into freezer room
│ └── 4.3 Remove samples
│
└── 5. Coerced Insider
├── 5.1 External actor identifies employee with access
├── 5.2 Coerces through threat, bribery, or ideology
└── 5.3 Insider removes samples as directed
Path Analysis:
Path 1 (Forced Entry) is high effort and high detection risk. Modern alarm systems, camera coverage, and security officer response make this difficult. An attacker would need significant resources and would likely be detected before reaching the target.
Path 2 (Deception) is medium effort. The penetration test demonstrated this is feasible with moderate preparation. Key weaknesses are contractor verification and anti-tailgating.
Path 3 (Legitimate Access Insider) is the most dangerous because it’s nearly invisible. The insider uses existing access for unauthorized purposes. Detection depends on behavioral monitoring, inventory controls, and perhaps random inspections.
Path 4 (Exceeded Access Insider) combines insider knowledge with unauthorized access expansion. The insider knows what’s valuable but lacks access, so they use social engineering or tailgating to reach it.
Path 5 (Coerced Insider) is frightening because it can bypass most controls. The insider is legitimate, their behavior may appear normal, and their motivation is hidden.
Chokepoint Analysis:
The freezer room access point (Badge + PIN) appears in most attack paths. Strengthening this control disrupts multiple paths. Adding two-person rules, biometric verification, or behavioral monitoring at this point would significantly increase attack difficulty.
Sample inventory and chain of custody appear at the exfiltration stage. Even if an attacker reaches samples, robust inventory controls might detect the theft (though not prevent it).
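The chokepoint reasoning above can be made mechanical. The following is an added example, not code from the case study or from Axiom BioLabs: it models the sample-theft tree as AND/OR gates in Python, enumerates every complete attack path, counts how many paths each control sits on, and picks out the lowest-effort path. The control names, the controls attached to each step, and the effort scores are constructed assumptions; the five top-level branches and the "tailgate or observe the PIN" alternative follow the tree above.

```python
"""Attack-tree path enumeration and chokepoint analysis.

Added example, not code from the case study: a small AND/OR attack tree
modelled on the 'Steal HX-401 samples' tree. Control names, the controls
each step must pass, and the effort scores are constructed assumptions.
"""
from collections import Counter
from dataclasses import dataclass
from itertools import product
from typing import Union


@dataclass(frozen=True)
class Step:
    """Leaf: one attacker action, the controls it must pass, a rough effort score."""
    name: str
    controls: tuple = ()
    effort: int = 1


@dataclass(frozen=True)
class Gate:
    """OR: any one child suffices.  AND: every child must be completed."""
    name: str
    kind: str
    children: tuple


Node = Union[Step, Gate]


def enumerate_paths(node: Node) -> list:
    """Every complete attack path under node, each as a tuple of leaf Steps."""
    if isinstance(node, Step):
        return [(node,)]
    child_paths = [enumerate_paths(c) for c in node.children]
    if node.kind == "OR":
        return [p for alternatives in child_paths for p in alternatives]
    if node.kind == "AND":
        # One path per combination of the children's own alternatives.
        return [sum(combo, ()) for combo in product(*child_paths)]
    raise ValueError(f"unknown gate kind {node.kind!r}")


def control_coverage(paths) -> Counter:
    """For each control, the number of distinct paths that pass through it."""
    coverage = Counter()
    for path in paths:
        coverage.update({c for step in path for c in step.controls})
    return coverage


def chokepoints(node: Node, min_fraction: float = 0.5) -> list:
    """Controls on at least min_fraction of all paths, most-covered first."""
    paths = enumerate_paths(node)
    threshold = min_fraction * len(paths)
    return sorted(
        ((c, n) for c, n in control_coverage(paths).items() if n >= threshold),
        key=lambda item: (-item[1], item[0]),
    )


def cheapest_path(node: Node):
    """The path with the lowest summed effort, i.e. the one to plan around."""
    return min(enumerate_paths(node), key=lambda p: sum(s.effort for s in p))


# Constructed model of the sample-theft tree.
FREEZER = "freezer room door (badge + PIN)"
INVENTORY = "sample inventory / chain of custody"
REMOVE = Step("Remove samples and leave", (INVENTORY, "exit inspection"), effort=1)

SAMPLE_THEFT = Gate("Steal HX-401 samples", "OR", (
    Gate("1. External - forced entry", "AND", (
        Step("Breach perimeter", ("fence sensors", "cameras"), effort=4),
        Step("Force Building B entry", ("intrusion alarm", "officer response"), effort=4),
        Step("Force freezer room door", (FREEZER, "intrusion alarm"), effort=3),
        REMOVE,
    )),
    Gate("2. External - deception", "AND", (
        Step("Obtain badge by social engineering", ("contractor verification",), effort=3),
        Step("Enter Building B as apparent staff", ("anti-tailgating",), effort=1),
        Gate("Enter freezer room", "OR", (
            Step("Tailgate an employee", (FREEZER, "anti-tailgating"), effort=2),
            Step("Use badge with observed PIN", (FREEZER, "PIN shielding"), effort=3),
        )),
        REMOVE,
    )),
    Gate("3. Insider - legitimate access", "AND", (
        Step("Use own freezer access", (FREEZER,), effort=1),
        REMOVE,
    )),
    Gate("4. Insider - exceeded access", "AND", (
        Step("Tailgate or talk way into freezer room", (FREEZER, "anti-tailgating"), effort=2),
        REMOVE,
    )),
    Gate("5. Coerced insider", "AND", (
        Step("Identify and coerce an employee with access", ("personnel security",), effort=5),
        Step("Insider uses own freezer access", (FREEZER,), effort=1),
        REMOVE,
    )),
))

if __name__ == "__main__":
    paths = enumerate_paths(SAMPLE_THEFT)
    print(f"{len(paths)} attack paths")
    for control, n in chokepoints(SAMPLE_THEFT):
        print(f"  {control}: on {n}/{len(paths)} paths")
    best = cheapest_path(SAMPLE_THEFT)
    print("cheapest path:", " -> ".join(s.name for s in best))
```

With these assumptions the freezer door and the inventory/chain-of-custody controls sit on every path, anti-tailgating on half of them, and the legitimate-access insider is the cheapest route, which is the same conclusion the text reaches by inspection. The practical use is "what if": add a proposed control such as a two-person rule to the relevant Step's controls tuple and the coverage count shows how many paths it touches before money is spent on it.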
Attack Tree 2: Sabotage BSL-3 Facility
Goal: Cause a pathogen release from the BSL-3 containment facility
```text
BSL-3 Pathogen Release
├── 1. External Attack
│   ├── 1.1 Physical assault on building
│   │   ├── Vehicle ramming
│   │   ├── Explosive attack
│   │   └── Armed assault
│   └── 1.2 Remote sabotage
│       ├── Cyber attack on HVAC/containment systems
│       └── Utility disruption affecting containment
│
├── 2. Unauthorized Entry
│   ├── 2.1 Defeat all access controls (see previous analysis)
│   │   └── Six control points, three authentication factors
│   ├── 2.2 Navigate facility without proper PPE
│   │   └── Attacker risks self-exposure
│   └── 2.3 Breach containment
│       └── Open biosafety cabinets, damage HEPA systems
│
├── 3. Authorized Insider (Malicious)
│   ├── 3.1 Employee with BSL-3 access
│   ├── 3.2 Bypass or defeat containment procedures
│   │   └── Must defeat buddy system, cameras, behavioral training
│   └── 3.3 Release pathogens
│       └── Open containers outside BSC, damage seals, etc.
│
├── 4. Authorized Insider (Coerced)
│   ├── 4.1 External actor identifies BSL-3 personnel
│   ├── 4.2 Coerces through threat or manipulation
│   └── 4.3 Insider performs sabotage
│
└── 5. Negligent Insider
    ├── 5.1 Procedure violations compound
    ├── 5.2 Safety systems not functioning properly
    └── 5.3 Accidental release during normal work
```
Path Analysis:
Path 1 (Physical assault or cyber attack) is dramatic but difficult. The BSL-3 facility is purpose-built for containment, with redundant systems designed to maintain negative pressure even during power failures. A vehicle ramming might damage the building exterior but wouldn’t immediately breach containment. Cyber attacks are possible but would require extensive reconnaissance and sophistication.
Path 2 (Unauthorized physical entry) is extremely difficult. The attacker must defeat six access control points, then navigate a specialized facility without proper training or equipment. They’d likely expose themselves before accomplishing anything.
Path 3 (Malicious insider) is the nightmare scenario. A trained employee with legitimate access knows exactly how to breach containment. The buddy system is the primary control, but motivated insiders can potentially arrange circumstances where they’re briefly alone. Behavioral monitoring and a strong safety culture are critical.
Path 4 (Coerced insider) adds external adversary capability to insider access. This is particularly concerning for nation-state threats.
Path 5 (Negligent insider) is actually the most likely release scenario statistically, but it’s a safety concern rather than a security threat. The distinction matters for response planning.
Kill Chain for Physical Intrusion
Physical attacks follow a predictable sequence. Understanding this sequence reveals intervention points.
| Phase | Activities | Detection Opportunities |
|---|---|---|
| Reconnaissance | Observe facility, identify targets, map security | Suspicious loitering, photography, social media monitoring |
| Preparation | Obtain tools, clone badges, recruit insiders | Insider threat indicators, contractor vetting |
| Approach | Travel to facility, position for entry | Perimeter surveillance, license plate recognition |
| Breach | Enter perimeter, defeat access controls | Fence sensors, tailgating detection, badge anomalies |
| Movement | Navigate to target | Camera monitoring, badge tracking anomalies |
| Action | Steal/sabotage/document target | Motion sensors, two-person rules, inventory |
| Exfiltration | Leave with objectives | Exit monitoring, package inspection |
| Escape | Depart area | Camera footage, response timing |
Each phase is a potential interdiction point. Early detection provides more response options.
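The Breach and Movement rows list badge anomalies as detection opportunities. As an added example (not part of the original case study or of any Axiom system), the Python below runs three such checks over a constructed badge log: an inner-zone grant with no preceding outer-zone grant (the outer door was tailgated), a grant on a badge after HR's revocation time (the gap THR-038 closes), and one badge read at two doors faster than a person could walk between them (a cloned or shared badge, THR-003). Door names, zone numbers, walking times, the revocation record and the log format are all assumptions.

```python
"""Badge-log anomaly checks for the kill chain's Breach and Movement phases.

Added example, not from the case study. Door names, zones, the log format,
minimum walking times and the revocation record are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class BadgeEvent:
    ts: datetime
    badge: str
    door: str
    zone: int
    result: str  # "GRANT" or "DENY"


# Constructed sample log: ISO time, badge id, door, zone, reader result.
SAMPLE_LOG = """\
2024-03-04T08:01:10 B1001 GATE-VEH 1 GRANT
2024-03-04T08:05:32 B1001 BLDG-B-MAIN 2 GRANT
2024-03-04T08:09:45 B1001 FRZ-ROOM 4 GRANT
2024-03-04T08:30:02 B2002 FRZ-ROOM 4 GRANT
2024-03-04T09:15:00 B3003 BLDG-B-MAIN 2 GRANT
2024-03-04T09:15:40 B3003 BLDG-A-LOBBY 2 GRANT
2024-03-04T10:02:11 B4004 BLDG-B-MAIN 2 GRANT
"""

# Inner door -> (outer door whose grant must precede it, and how recently).
REQUIRED_PRIOR = {"FRZ-ROOM": ("BLDG-B-MAIN", timedelta(hours=4))}

# Minimum plausible walking time between door pairs, in seconds (constructed).
MIN_TRAVEL = {
    frozenset({"BLDG-B-MAIN", "BLDG-A-LOBBY"}): 180,
    frozenset({"GATE-VEH", "BLDG-B-MAIN"}): 120,
}

# Badge -> time HR terminated access (constructed).
REVOKED = {"B4004": datetime(2024, 3, 4, 9, 30)}


def parse_log(text: str) -> list:
    """Parse the whitespace-separated log into time-ordered BadgeEvents."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, badge, door, zone, result = line.split()
        events.append(BadgeEvent(datetime.fromisoformat(ts), badge, door, int(zone), result))
    return sorted(events, key=lambda e: e.ts)


def find_anomalies(events, revoked=REVOKED) -> list:
    """Return (kind, event) pairs for each suspicious grant, in time order."""
    anomalies = []
    last_grant = {}  # badge -> most recent GRANT event
    history = {}     # badge -> all GRANT events so far
    for ev in events:
        if ev.result != "GRANT":
            continue
        # 1. Access after revocation: the badge should already have been dead.
        if ev.badge in revoked and ev.ts >= revoked[ev.badge]:
            anomalies.append(("revoked-badge", ev))
        # 2. Inner-zone grant with no qualifying outer-zone grant: the holder
        #    got through the outer door without badging, i.e. was tailgated in.
        if ev.door in REQUIRED_PRIOR:
            outer, window = REQUIRED_PRIOR[ev.door]
            prior = [h for h in history.get(ev.badge, [])
                     if h.door == outer and ev.ts - h.ts <= window]
            if not prior:
                anomalies.append(("missing-prior-entry", ev))
        # 3. Two doors too close together in time for one person to walk:
        #    a cloned or shared badge.
        prev = last_grant.get(ev.badge)
        if prev is not None and prev.door != ev.door:
            min_secs = MIN_TRAVEL.get(frozenset({prev.door, ev.door}))
            if min_secs is not None and (ev.ts - prev.ts).total_seconds() < min_secs:
                anomalies.append(("impossible-travel", ev))
        last_grant[ev.badge] = ev
        history.setdefault(ev.badge, []).append(ev)
    return anomalies


if __name__ == "__main__":
    for kind, ev in find_anomalies(parse_log(SAMPLE_LOG)):
        print(f"{ev.ts.isoformat()} {kind:22} badge={ev.badge} door={ev.door}")
```

On the constructed log this flags B2002 entering the freezer room with no Building B entry that day, B3003 at two buildings forty seconds apart, and B4004 still opening doors half an hour after revocation. Each hit maps back to a kill-chain phase (Breach, Movement, Preparation respectively), which is what makes a badge log useful as a detective control rather than only an audit record; the same checks are the first thing a SOC would wire into the centralized monitoring the long-term plan calls for.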
Stage 7: Risk and Impact Analysis
Risk Priority Summary
| Priority | Score Range | Count | Timeline | Key Threats |
|---|---|---|---|---|
| Critical | 15+ | 3 | Immediate | Sample theft (insider), insider sabotage, tailgating (enabling threat) |
| High | 10-14 | 10 | 30 days | Controlled substance diversion, contractor deception, photography |
| Medium | 5-9 | 15 | 90 days | Various secondary threats |
| Low | <5 | 7 | Monitor | Low-probability threats |
Business Impact Quantification
THR-016/THR-006: Proprietary Sample Theft or Destruction
Loss of the HX-401 biological sample repository would be devastating:
| Impact Type | Estimated Cost |
|---|---|
| R&D restart | $80-120M (recreating years of work) |
| Program delay | 2-3 years (may kill the program entirely) |
| Investor confidence | 40-60% valuation drop |
| Competitive impact | Competitor advantage if samples stolen |
| Total Potential Exposure | $150-300M or company failure |
The critical samples are literally irreplaceable in some cases—they represent unique cell lines, microbial strains, or engineered constructs that took years to develop.
THR-001: Tailgating
Tailgating is an enabling threat rather than a terminal threat—it creates access for other attacks. The impact is the full range of what an unauthorized person might do once inside.
THR-032: Controlled Substance Diversion
| Impact Type | Estimated Cost |
|---|---|
| DEA investigation and potential license action | $10-30M |
| Fines | $1-5M |
| Research disruption | $5-10M |
| Reputation | Moderate damage with investors and partners |
Mitigation Plan
Immediate Actions (Week 1-2)
| Threat | Mitigation | Owner | Cost |
|---|---|---|---|
| THR-001 (Tailgating) | Deploy anti-tailgating turnstiles at vehicle gate; launch awareness campaign | VP Security | $75K |
| THR-001 (Tailgating) | Require badge tap at all building entries (eliminate prop-open capability) | Facilities | $25K |
| THR-002 (Stolen badges) | Implement 24-hour photo verification for access at Zone 4+ doors | Security | $40K |
| THR-016/THR-015 | Move laboratory notebooks to locked storage; implement checkout procedures | CSO | $15K |
| THR-019 | Secure confidential waste bins with locks; verify shredding schedule | Facilities | $10K |
30-Day Actions
| Threat | Mitigation | Owner | Cost |
|---|---|---|---|
| THR-032 | Implement daily inventory reconciliation for Schedule II; enhance vault cameras | Biosafety Officer | $60K |
| THR-004 (Contractor impersonation) | Require verification call for all contractor visits; distinct badge colors | Security | $20K |
| THR-017 | Establish and communicate photography policy; visitor escort training | Security + Legal | $25K |
| THR-038 | Reduce badge revocation SLA to 15 minutes; automate with HR system | IT + HR | $50K |
| THR-012 | Camera coverage audit; install additional cameras to eliminate blind spots | Facilities | $80K |
90-Day Actions
| Threat | Mitigation | Owner | Cost |
|---|---|---|---|
| THR-003 (Badge cloning) | Upgrade to encrypted, clone-resistant badge technology | Security + IT | $350K |
| THR-016 (Sample theft) | Implement two-person rule for high-value sample access | CSO | $30K (procedure change) |
| THR-006 (Insider sabotage) | Deploy behavioral monitoring program for BSL-3 and high-value area personnel | HR + Security | $150K |
| THR-033 (Insider data theft) | DLP controls on laboratory workstations; USB restrictions | IT | $100K |
| THR-031 (BSL-3 access) | Upgrade biometric system to <1% FAR | Facilities | $200K |
Long-Term Actions (6-12 Months)
| Initiative | Description | Cost |
|---|---|---|
| Access control system upgrade | Replace legacy mechanical locks; unified electronic access | $500K |
| Insider threat program | Formalize continuous evaluation, reporting mechanisms | $200K/year |
| Security operations center | Centralized monitoring with real-time alerting | $400K + $300K/year |
| Perimeter enhancement | Improved fence sensors, vehicle barriers at gates | $300K |
| Tabletop exercises | Quarterly exercises for various threat scenarios | $80K/year |
Risk Treatment Decisions
| Decision | Threat | Rationale |
|---|---|---|
| Mitigate | All critical and high threats | Per mitigation plan |
| Transfer | Property damage, general liability | Insurance coverage |
| Accept | THR-037 (Vehicle-borne threat) | Extremely low probability; cost of barriers disproportionate |
| Accept | THR-021 (Protest disruption) | Occasional protests manageable with coordination; hardening would be costly |
Risk Acceptance: Vehicle-Borne Threat
A vehicle-based attack is theoretically possible but extremely unlikely given Axiom’s profile. We accept this risk with the following conditions:
- Monitor threat intelligence for biotech-sector targeting
- Review if facility profile changes (controversial research, high-profile negative attention)
- Basic perimeter provides some standoff distance
Residual Risk Assessment
| Threat | Before | After | Justification |
|---|---|---|---|
| THR-001 (Tailgating) | 15 | 6 | Turnstiles, training, and monitoring dramatically reduce opportunity |
| THR-016 (Sample theft) | 15 | 8 | Two-person rule and improved monitoring reduce but can’t eliminate insider threat |
| THR-006 (Insider sabotage) | 15 | 9 | Behavioral monitoring helps detection; prevention limited for trusted insiders |
| THR-032 (Controlled substances) | 12 | 5 | Daily reconciliation and enhanced vault controls close most gaps |
| THR-002 (Stolen badges) | 12 | 6 | Photo verification adds friction; clone-resistant badges address technical bypass |
Summary: Critical threat count drops from 3 to 1 (insider sabotage remains challenging). High threat count drops from 10 to 4.
Budget Summary
| Phase | Cost |
|---|---|
| Immediate (Week 1-2) | $165K |
| 30-Day Actions | $235K |
| 90-Day Actions | $830K |
| Long-Term (6-12 months) | $1.5M |
| Ongoing Annual | $500K |
| First-Year Total | $3.2M |
For a company with $350M in facility investment and billions in potential research value, $3.2M in security investment (less than 1% of physical asset value) represents prudent protection.
Key Findings Summary
| Finding | Implication |
|---|---|
| Insider threats are the primary concern | External attackers face substantial barriers; trusted insiders do not |
| Tailgating is the enabling threat | Most attack paths require physical access that tailgating provides |
| Two-person rules are critical controls | Prevent single-actor attacks on high-value targets |
| Detection often matters more than prevention | Can’t stop all attacks; must detect quickly and respond |
| Inventory and chain of custody are detective controls | May not prevent theft but enable discovery |
| Physical and cybersecurity intersect | Access control systems are computers; laboratory equipment is networked |
Physical Security Principles
This threat model illustrates principles specific to physical security:
Principle 1: Defense in Depth with Zones
Multiple security zones with increasing controls force attackers to defeat multiple systems. Each zone buys time for detection and response.
Principle 2: The Insider Advantage
Insiders bypass most physical controls by design—that’s what access is for. Insider threat mitigation requires behavioral controls, two-person rules, and detection-oriented thinking.
Principle 3: Access + Knowledge + Motivation = Threat
A threat requires all three elements. Remove access through controls. Limit knowledge through compartmentalization. Address motivation through personnel security and culture.
Principle 4: Humans Are Both Strongest and Weakest Controls
An alert security officer catches what cameras miss. A distracted employee holds the door for an attacker. Security culture training isn’t optional.
Principle 5: Response Time Matters
Physical attacks take time. The gap between detection and attacker success is the response window. Controls should maximize that window.
Principle 6: Prevention, Detection, and Response Are All Essential
You can’t prevent everything. You can’t detect everything instantly. You can’t respond to everything successfully. But layering all three creates a resilient security posture.
Comparison with Digital Threat Models
| Dimension | Digital Systems (Parts 3-3d) | Physical Facility |
|---|---|---|
| Attack speed | Milliseconds to minutes | Minutes to hours |
| Attack reversibility | Often reversible (patches, backups) | Often irreversible (theft, destruction) |
| Attacker presence | Can be remote | Usually requires physical presence |
| Evidence | Logs, network traffic | Video, witness statements, forensics |
| Insider threat detection | Behavioral analytics, DLP | Physical observation, two-person rules |
| Defense in depth | Firewalls, segmentation, authentication | Zones, barriers, access control layers |
| Patching | Software updates | Procedure changes, new equipment |
| Scale of attack | Can affect millions simultaneously | Usually limited by physical constraints |
Physical and digital security are increasingly connected. Access control systems are networked. Laboratory equipment has software. A cyber attack could disable physical security controls, and physical access could enable cyber attacks. Comprehensive security requires addressing both domains.
Part 3e Complete | Physical Security Threat Model