Vehicle defeating security bollards installed at the entrances of Parliament House Canberra have already caused plenty of headaches for politicians, staffers and bureaucrats alike, but the latest tender to maintain the devices has security experts wincing that way too much technical detail is being unnecessarily pushed into the public domain.
A call from the Department of Parliamentary Services (DPS) for bidders to service and maintain the pneumatically operated devices released this month details the both the manufacturers and models of the mighty access control machines, information Government News has been told could substantially assist efforts to remotely compromise the barriers.
The tender documents also include 13 pages of technical drawings pinpointing the location of the bollards, all conveniently colour coded as to whether they are electronically or electrically controlled electro-mechanical, manually controlled or just fixed.
Government News understands the details in the tender have caused a significant murmur inside Canberra’s close knit security circles, where vigilance around physical and electronic security systems has been increased in the midst of increased threats from potentially violent non-state actors – as well as state-sponsored attempts at systems compromises.
Security experts with extensive experience in locking down SCADA (Supervisory Control and Data Acquisition) systems who have sighted the DPS documents told Government News on condition of anonymity they have no doubts the technical details would assist in planning a compromise.
The security experts said they believed it would not be in the public interest for Government News to republish the technical details including the manufacturers or models of the electronic security systems. So we haven’t.
It is routine government practice not to publicly discuss specifics around security arrangements for government facilities or personnel.
However the potential risks arising from a systems compromise of the bollards are glaring obvious, especially the potential of allowing in unauthorised vehicles.
Security sources have suggested that one way of keeping a lid on sensitive technical information was to have tender documents checked by security advisers prior to going to market. However a barrier to this was it would impose even more process burden, and potentially cost, on the already substantial procurement system.
Another security source with government experience said it was often difficult for agencies to juggle tighter confidentiality because of the very real prospects of generating complaints from suppliers who believed they were being unfairly excluded when approaches to market were released.
It was also suggested to Government News that security and access control equipment tenders are frequently forced to walk a tightrope between limiting the public exposure of information intended for suppliers to get the best products and value and running a more expensive closed shop.
Excluded providers, or those who just believed they had been excluded, routinely went “ministerial” if they felt they were not getting a fair chance of competing.
Tenders for electronic door and other access passes often risked the potential “oversharing” of information if they were too detailed but could also unintentionally exclude suppliers if it was unclear what equipment the tender was for.
Mishaps and controversy over Parliament House Canberra’s bollards have surrounded the devices ever since they were first installed.
In 2006 the Department of Parliamentary Services tabled a list of around 100 bollard related incidents and malfunctions that included the $2 million devices rising underneath vehicles or unintentionally trapping staffers and politicians.
Since then the barriers have proliferated in line with the increased security threat which last prompted a $20 million security upgrade for Parliament House.
Comment below to have your say on this story.
If you have a news story or tip-off, get in touch at firstname.lastname@example.org.
Sign up to the Government News newsletter