What is LPS 1175? The Definitive Guide
This guide aims to explain the intricacies of the Loss Prevention Certification Board’s force test standard – LPS 1175. Many of the products within the HS Security product portfolio have been submitted for test in this way and third party accredited according to different security classes. Read more here.
The LPS 1175 Test Standard Explained
- What is the LPCB and what does LPCB approval mean?
- What is LPS 1175?
- How does the LPS 1175 standard work?
- What does LPCB certification involve?
- What’s the process for testing security products to LPS 1175?
- LPS 1175 security ratings explained
- What is not covered by LPS 1175?
- LPS 1175 vs PAS 24
- LPS 1175 vs EN 1627
- The LPS 1175 Issue 8 update and the future of the standard
Before we get stuck into the LPS 1175 standard, it is important to understand what the LPCB is and what LPCB approval means.
LPCB is short for the ‘Loss Prevention Certification Board’ and has its roots in the insurance industry having worked with industry and insurers for over 100 years. LPCB is now operated by the Building Research Establishment (BRE) which is a profit-for-purpose organisation owned by the BRE Trust, a registered charity.
LPCB’s ‘Loss Prevention Standards’ (LPS) are widely recognised in the security and fire sectors and are used to test and certify the performance of a wide range of products and services. A full list of LPCB certified products and services can be found in the LPCB Red Book.
LPS 1175 is an LPCB certification used to test the resistance to unauthorised access offered by physical security products. LPS 1175 considers the resistance of security equipment to forced entry based on the size and type of tools used and the time that assailants will risk spending on attempting to gain entry.
In accounting for these varying parameters, physical security products are tested and rated to LPS 1175 according to the delay they provide against different levels of forced entry. As a Loss Prevention Standard, LPS 1175 historically grew around the needs of the insurance industry for which it remains a trusted and often preferred marque of third-party approval.
Together with its growing specification, for many areas of critical national infrastructure, the standard continues to grow in relevance by being sensitive to the broadest range of risks to assets and property encountered day-to-day.
The standard assumes that intruders have full knowledge of the security product and are willing to make proportionate efforts in attacking it.
LPS 1175 as a standard considers the entrepreneurial tendencies of criminals and terrorists – what investment are they willing to make and what risks will they take to secure the gain from conducting that particular terrorist or criminal act? The delay provided by physical security measures must at least match the time required to detect the attempted intrusion and respond to that detection in order to detain the intruder.
The threat levels and attack tools that define the security rating (SR) categories in LPS 1175 reflect the latest advice from the UK government, CPNI and NaCTSO, plus other security-focused organisations representing different industries and sectors.
LPCB certification is based on two key factors – that the product or service meets the standard (LPS 1175) and that the manufacturer or service provider has processes and systems in place to ensure that the product or service delivered meets that standard.
To ensure that LPS 1175 rated products continue to perform at the level tested, LPCB certification requires periodic audits of the manufacturer or service provider. If any issues emerge during these audits, then the manufacturer or service provider must agree to rectify any faults identified.
When getting a product certified, you are required to supply a range of documentation including details on the applicant, drawings, and data sheets to name just a few.
Having heard that over 95% of products submitted to BRE for testing to LPS1175 fail to achieve the ratings sought, we asked Richard Flint, Physical Security Technical and Business Development Manager at BRE, why LPS1175 was so demanding.
Richard explained “The standard isn’t, in itself, overly demanding – certainly at the levels, most products are submitted for testing to. What is demanding is the expectation for a design engineer that isn’t experienced in breaking into products to be able to come up with a design that covers all potential eventualities in terms of the attack methods we may use while ensuring the product they produce is a commercially viable proposition – in terms of its cost, aesthetics and the other performance and functionality required of it.
Achieving this balance requires a lot of thought and preparation. We, therefore, work very closely with designers from the early stages of the design process, supporting them with design reviews and prototype testing in order to help them achieve positive outcomes. Ultimately, we want our clients to succeed.
However, we cannot do so by lowering our standards. That would be a false economy and would put them and those that rely on their products and our certification at risk. We simply couldn’t do that.
Our testers are therefore entirely focussed on doing their very best to compromise every product submitted to us for evaluation.
Only when our testers are unable to achieve entry and our auditors are suitably confident the manufacturer can reliably replicate that product in ongoing production do we certify a product.
Yes, we fail a high number of products. But, when you consider how widely products certified by LPCB to LPS1175 are relied upon to protect critical assets and people around the world, we believe it is our duty to those who rely on those products and those that produce them to ensure we carry out our work as diligently as possible”.
The overall objective of an LPS 1175 attack test is to classify a product’s resistance to forced entry by conducting a series of manual intervention attacks to identify the minimum resistance of the product. The products are tested by an ‘attack team’ comprising of a team leader and either one or two team operatives depending on the security rating being targeted.
The team leader controls the test – directing the operatives, timing the test, and compiling an event record. When two operatives are involved in the attack test such as for the SR6-SR8 ratings, the tools used are pooled into a single tool kit, rather than two separate kits. The attack team will employ methods that in their opinion are most likely to result in the lowest attack time. To do this, exploratory tests may be used by the team to determine the most effective approach.
When conducting the test, each individual attack continues until –
- the objective is achieved
- the maximum working time is exceeded for the targeted security rating
- the maximum test duration is exceeded for the targeted security rating
- the team leader decides the attack is ineffective
Additional attack tests are then conducted to demonstrate all areas of the product resist attack from the defined attack side.
The security ratings given to products represent the tool category, the number of operatives (intruders) resisted and the delay achieved in working time. The threat level is classified by letters A-H which correspond to the tool kit used to evaluate the product’s intruder resistance and the numbers of attackers involved.
The higher the rating the more specialised and powerful the tools used as well as larger teams of intruders. Delay is classified by a number (1, 3, 5, 10, 15 or 20) which relates to the minimum delay in minutes provided by the physical security product.
For a product’s intruder resistance to be classified under LPS 1175, the product must at least achieve a security rating of 1 in the common tool category being used. Also, security ratings are only confirmed when all the requirements for the anticipated security rating are met.
It is unlikely specifiers, end-users and clients will require products with the ratings in the highest categories, instead, an extended delay is usually achieved through a layered approach using multiple products. This layered approach to physical security is something we discuss in detail in our article on Why Layered Physical Security is Important.
In the graphic below you can see a list of the products and systems covered by LPS 1175. However, this is not an exhaustive list and the standard can be applied to products not included on there.
It is important to note there are a few areas that LPS 1175 does not cover. LPS 1175 DOES NOT cover the classification of individual components such as glass, infill materials or locks in their own right. These items are covered by LPS 1175 when forming part of a product certified to the standard – for example the resistance provided by the glazing when testing a window.
The reason these items aren’t covered in their own right is to prevent component manufacturers or those using the components from potentially misleading customers by claiming their product achieves LPS 1175 because they used compliant glass for example.
There are a few other relevant LPCB standards for testing of locks and security glazing.
- LPS 1242 covers cylinders for locks
- LPS 1270 covers intruder resistant security glazing
- LPS 1654 covers the testing of padlocks
When it comes to testing the resistance of products, outside the scope of the LPS 1175 standard is resistance to electrical manipulation, thermal shock attack, chemical attack, vehicle impact, explosion, and ballistics. Other than that, the standard also does not test the resistance of free-standing barriers against tunnelling or being scaled over.
PAS 24 is a publicly available specification (PAS) that details test methods and acceptance criteria for security door sets and windows. Unlike LPS 1175, PAS 24 is only aimed at covering products that are designed to protect against stealth-based forced entry attacks such as those used by opportunistic burglars or other intruders who do not wish to generate sustained levels of noise.
When comparing the two, LPS 1175 covers a far larger range of products, including fencing, covers and enclosures to name just a few. PAS 24 is limited in that it only covers door sets and windows intended for dwellings and other buildings exposed to comparable risk
When it comes to testing for PAS 24, it is a minimum standard, so products either pass or fail instead of following the grading system used by LPS 1175. An overarching strength of LPCB as a performance standard is that it gives manufacturers scope to innovate.
There is no design blueprint, for example, for an LPCB SR4 high-security door; certification is about meeting the time threshold of the performance test, leaving designers with licence to tailor and differentiate products to add value and provide the individual functionality required by different sectors.
Another standard that you may come across is EN 1627 which is a European standard that follows a similar structure to LPS 1175. While it follows a similar structure, the RC1 to RC3 ratings for EN 1627 are more focused on resisting threats from criminals using stealth. It also doesn’t cover the higher security applications of LPS 1175.
EN1627 isn’t designed to cover the same range of products LPS 1175 and only covers Pedestrian doorsets, windows, curtain walling, grilles and shutters. There is also a difference in the tool sets used between the two standards. LPS 1175 covers more commonly obtained tools such as claw hammers and drills as well as more powerful tools such as petrol grinders.
Overall, the scope of LPS 1175 is far wider, as neither PAS 24 or EN 1627 cover features forming a perimeter (e.g. fences, gates or turnstiles) let alone many features forming barriers in an around a building.
Shifts in the risk landscape are captured in revisions to LPS 1175. The composition of tool kits, which reflect tools principally used in construction and demolition, was key to the recent Issue 8 update. LPS 1175 Issue 8.0, is the latest edition of the standard and was released in Jan, 2019. This version updated the previously single-digit performance classifications to one formed of two elements – threat level and delay.
With the new system, there are 48 different combinations of threat levels and delay times. This now defines a wider range of risk levels in terms of attack tools and measured resistance time, ensuring that the standard continues to provide the same confidence.
The change has also empowered specifiers to use LPS 1175 to specify performance based on multiple layers, whose total delay adds up to the requirement needed rather than expecting each layer to provide the same amount of delay.
If you are currently working on a security plan for a site, we recommend downloading our physical security checklist which will help you progress from design to implementation. Interested in learning more about layered physical security? Read our extensive guide on why layered physical security is important here.
If you are looking for LPS 1175 rated products, HS Security members Technocover and Barkers Fencing will be able to help you. Technocover specialises in LPS 1175 rated doors, covers, kiosks and enclosures while Barkers provide LPS 1175 rated fencing.
For any other queries, you can contact one of our experts at firstname.lastname@example.org or call us on 01942 407 288.