The third part of this series reviewed the more prevalent solution categories of fire protection design schemes for mission-critical facilities. It first covered consensus-based solutions, as they are the most popular. In these solutions, designs are based on the minimum requirements established by either code organizations or “standard” local design practices. The next category is owner-based solutions in which owners (or their representatives) use either corporate standards, personal preferences or an adviser’s recommendations. Lastly are project-based solutions, which involve designs based on either an arcane project directive, the contractor’s discretion or an intent to reduce costs. Because these solutions tend to minimize the liability, reputation and business risks of the designers, their popularity is unsurprising. But the gravity of the mission-critical world brings into question their adequacy. This study will consider why mission-critical facilities call for something more.
The solutions noted earlier demonstrate that the range of approaches to devising protection schemes for mission-critical facilities is wide. Despite these solutions usually being in conformance with accepted industry practices, however, they are missing something. Such an assertion may seem puzzling, as the solutions are generally code compliant, are consensus based and follow engineering guidelines. What concern could possibly arise regarding protection solutions that seem to have all of the necessary elements of an adequate, proper and responsible design? How could there be a problem if local authorities, industry professionals and owners are satisfied? The answer to these questions lies in the uniqueness of the mission-critical world and the expectations that accompany it. This uniqueness has three main elements that together create a synergy that dwarfs any one of them. A brief look at each one of these elements shows how their uniqueness is genuine and not overstated.
When examining the mission-critical industry closely, we find in it something that is a truly unprecedented in history: a single industry on which nearly all others depend continuously. This dependence exceeds even that of the massive foundational energy, transportation and communications industries. Despite the extreme criticality of these three core industries in commerce worldwide, the IT industry is even more critical. The higher level of criticality is due to several reasons, each of which is significant in its own right. Consider the heretofore unthinkable ability of this industry: one that converts information of all kinds—data, text, images, sound, video and so on—into electronic form and stores it in an infinitesimal space that is a fraction of its physical size. It can transport information to millions of locations simultaneously. And most importantly, it can perform millions of complex logical tasks using information it gathers, thus placing it orders of magnitude beyond any other kind of machine. Above all, it operates globally at lightning speeds. When properly harnessed, it allows for quantum leaps in productivity both commercially and personally.
As each industry takes advantage of IT, it achieves dramatic productivity gains that were thought impossible. A consequence of these gains, though, is the near total dependence on these systems not only to maintain the productivity levels but to keep operations going. This phenomenon is the basis for the first reason why the IT industry is the more critical than any of the core industries. Even though they preceded it and were necessary for it to get started, the dependency soon reversed. Now, as a result, not only they but nearly all industries have come to so heavily rely on IT that they are almost incapable of operating without it. IT services are becoming the master industry that seems to “rule” the rest. It is truly a declaration of veni, vedi, vici. And each year IT industry’s power, influence and control increases as it enters and “serves” each new realm of world activity.
The second reason why the IT industry is more critical is that it is designed to be a unified system and thus is capable of shutdowns (planned or unplanned) that are system wide. The shutdowns (aka downtime) are especially severe when unintended, as they can affect any or all aspects of a corporate operation at once. Backup, redundant and mirrored systems may seem to address such concerns; despite the excellent recovery systems in place in many companies, however, the average firm may lack the budget, staff or setup to implement full system resiliency that enables quick recovery from all system malfunctions. Regardless of how well any one IT system in a given firm is able to recover from unplanned downtime, the inherent vulnerability is the converse of its extensiveness. That is, it can instantly support millions of nodes but at the same time can drop all nodes simultaneously. In contrast, the core industries tend to be in discrete units and as such are less vulnerable to system-wide shutdowns Moreover, the goods and services they offer can often be stockpiled or covered by diversified suppliers.
A third reason IT is more critical than other industries is that in general it is usually needed in a continuous operation mode, day and night, year round. This always-on mode was especially significant because even though some aspects of the other core industries were also continuous, their continuity is dependent on the IT services continuity. An IT system, though, is generally needed continuously because of the many services it performs, and except for scheduled downtimes, it can rarely tolerate unavailability without dire consequences. In addition, many of its services are very company specific and cannot be easily outsourced. But the three core industries tend to have “on and off” or, at least, more pronounced “high and low” activity periods. Their ability to act like commodities that can be managed on a bulk and diversified basis also tends to reduce the need for continuous supply by any one customer.
The next unique aspect of this industry is that it poses risks that are unlike those in any other industry. These risks are due to the special type of crisis that IT downtime tends to create. The problems it causes are not just distressing but often can become traumatizing during to the loss of its service. A crisis is one thing, but problems of this magnitude are what may be called the “upheaval” factor (i.e., the monumental disruptions of corporate or societal order that can follow the loss of heavily needed or used online services). The system-wide nature of IT services opens the user to unexpected and sudden changes in circumstances owing to the loss of the service. Whether on a personal or corporate basis, the service loss can either cause a calamitous situation or simply cause one to feel that way, whether it is or not. The upheaval can be of any type, including emotional, corporate, economic, societal, political or even national. This ability of the IT industry to cause widespread upheaval in a few minutes or hours is unprecedented in world history. All of the concern regarding the feared Y2K downtime was mainly over the upheaval that might ensue, not the event itself. The degree of upheaval that loss of IT services can create will vary based on the combination of the criticality, degree and duration of the interrupted service. On the low end it can shut down a firm’s computer network and nearly halt the productivity of dozens, hundreds or thousands of employees. On the high end it can cause fear, panic, rioting, looting, health effects or even chaos.
Now, the risk is not just to the occupants, the building or the profit potential, but to those relying in the IT services. Therefore, fire protection schemes for these facilities should not be evaluated solely on code compliance or project requirements, but on their ability to minimize the chances of any fire- or loss-related event causing downtime. This means that the performance and effectiveness of their protection schemes must be evaluated in terms of the effect that the loss of services would have either on customers, the firm itself or any other stakeholder. The absence of accounting for the upheaval factor renders the fire risk analysis or any other kind of analysis incomplete if not misleading on vulnerabilities. The same is true for any of the other types of protection schemes as well.
The expectations of mission-critical-facility owners are unique in several ways, but they are especially so in the realm of perspective. These owners see everything—especially facility systems and operations—in terms of criticality. They expect engineers to understand how critical their operation is to those it supports as well as how important it is to avoid downtime and to ensure that they have a commensurate level of protection. The problem, though, is that most owners are unwilling to reveal how critical their services are and the scale of the impact that downtime can have: revealing a vulnerability can add to the vulnerability itself. Consequently, those providing protection systems are in a quandary when determining what level of protection is “appropriate” for the facility. In addition, the owner applies criticality not only to the importance of the service, but also to facility systems, elements and areas. In this regard, criticality also refers to the potential of any aspect of operations to interrupt the provision of online services.
Owners expect that special care be taken to identify critical aspects of the facility and expect to be informed of anything in the design that would conflict with their uptime objectives, including any failure mode of a fire system. What these expectations ultimately point to is the intent to use high-performance systems for protection, especially in the “critical” areas. But the average protection scheme, though code compliant, often provides something far less. For example, the performance level of conventional passive detection is considerably less than that of active detection systems. Yet, despite the significant performance gap, especially in the case of high ceilings and high-velocity-air conditions, conventional systems are still commonly specified, sometimes as backup but often as the sole system provided. Whether this approach is due to “project requirements,” “standard practices” or presumed cost savings, the outcome is the same: it results in a significantly lower effectiveness of the overall system. Though the average owner expects to be told such insights, they often remain in the dark unless an incident reveals it.
Furthermore, the expectations of those supported by mission-critical systems (i.e., users) are also unique. They expect 100% uptime day and night, year round. And they expect the service providers to do everything necessary to make it that way. Despite the earlier skepticism regarding the reliability of online services, most users now trust them. They expect the service providers to honor their trust in them by ensuring there is no downtime—ever. They expect the system operators to understand that one’s productivity and success hinges daily on the availability of the IT services and that they cannot do their job or support their lifestyle without it. As a consequence, companies experience intense pressure to provide 100% uptime and may live and die on the basis of user perceptions regarding the reliability of their online services.
The recognition of the dramatic power that the IT industry wields over the world’s activities is the first step to understanding mission-critical fire protection. The next is to grasp the uniqueness of the industry, as well as its unprecedented risks and high expectations. The last step is to see that something beyond conventional approaches is needed to properly protect mission-critical facilities, which is the topic of the next article in this series.
About the Author
Robert O’Neill, P.E., is a consulting engineer with degrees in chemical engineering and fire protection engineering. He has worked in fire protection engineering for over 25 years with experience in over 350 projects in the areas of insurance, government, consulting and architecture/engineering. His work has included the design, construction and/or review of fire alarm, detection, suppression and extinguishing systems for over 100 mission-critical facilities totaling over 4.4 million square feet.