Scif · Volume 5
Civilian and Commercial Uses
5.1 The standard leaves the government’s own walls
The previous volume toured the SCIFs the government builds for itself — the intelligence campuses, the Situation Room, the embassy screen rooms, the tents that deploy to a Korean airfield. That survey is only half the population, and arguably the less numerous half. The great majority of accredited SCI space in the United States is not owned or operated by the government at all. It sits inside privately held office parks in northern Virginia, in aerospace plants in Colorado and California, in the campuses of nonprofit research corporations, and increasingly in speculative commercial buildings put up by developers who have decided that a shielded, hardened, accreditable volume is now a leasable amenity like a loading dock or a backup generator. This volume is about the SCIF as a commercial artifact: who is allowed to build one outside the fence, who physically builds it, what it costs, and where the genuine accredited article shades off into the corporate imitation that borrows the techniques without the paperwork.
The organizing fact is that the standard does not care who owns the walls. ICD 705 and its IC Tech Spec describe an accredited volume, and the accreditation attaches to the space and its operating procedures, not to the deed. A contractor’s SCIF in a leased suburban office building is, in the eyes of the Authorizing Official who signs it, the same category of object as a room inside CIA headquarters — the same four protections (physical, acoustic, visual, emanation), the same construction package, the same acoustic test, the same alarm and access-control requirements. What changes on the commercial side is the authorization chain: a private company cannot wake up one morning and decide to handle SCI. It has to be invited into the classified world by a government sponsor, cleared as an organization, and then have its facility accredited by a government official who answers for it. That invitation mechanism is the subject of the first half of this volume; the shielding industry that turns the invitation into drywall and copper is the subject of the second.
5.2 Cleared contractors and the NISP: earning the right to build one
The legal machinery that lets a private company touch classified information is the National Industrial Security Program, the NISP, established by executive order in 1993 and operated day to day by the Defense Counterintelligence and Security Agency (DCSA), the DoD agency that in 2019–2020 absorbed the old Defense Security Service and the government’s background-investigation apparatus. The NISP’s rulebook was for decades the NISPOM — the National Industrial Security Program Operating Manual, DoD 5220.22-M — and since 2021 it lives as a federal regulation, 32 CFR Part 117, which is simply the NISPOM given the force of the Code of Federal Regulations. DCSA is the cognizant security authority for the NISP across the DoD and some thirty-odd other federal agencies that piggyback on the program, which is why a single agency ends up overseeing industrial security for the entire defense-industrial base.
Before a company can build or operate a classified space, it needs a Facility Clearance — the FCL. The FCL is not a physical thing and it is emphatically not a SCIF; it is, in DCSA’s own language, an administrative determination that a company is eligible to access classified information at a given level. The process has a few load-bearing features an engineer should note because they explain why the defense-contracting world looks the way it does. First, a company cannot sponsor itself: an FCL has to be requested by a government agency or by an already-cleared prime contractor that has a genuine, funded, classified requirement — no contract, no clearance. Second, the clearance rides on people. The company’s Key Management Personnel — senior officers and whoever will actually exercise the security program — must themselves hold personnel security clearances, and until those come through the FCL stalls. Third, and most consequential for who owns the defense base, is FOCI: Foreign Ownership, Control, or Influence. A company with meaningful foreign ownership cannot simply be cleared; it has to negotiate a mitigation instrument — a Special Security Agreement, a proxy board, a voting trust — that walls the classified work off from foreign control. The FOCI dance is why so many defense subsidiaries are run through insulated, separately governed entities. DCSA’s own orientation material describes a nominal forty-five-day timeline for a clean FCL; practitioners will tell you six months to a year is more realistic once KMP investigations and FOCI mitigation are in the critical path.
The FCL gets a company into the collateral classified world — Confidential, Secret, Top Secret. Handling SCI is a further step, and it is where the SCIF appears. A cleared contractor that needs to store or process SCI on its own premises builds a SCIF (or, for Special Access Program work, a SAPF) and has it accredited. The crucial point of governance is that a contractor SCIF is accredited by the government sponsor’s Authorizing Official, not by the contractor and not, in the SCI case, generally by DCSA. The government customer that needs the work done — an intelligence agency, a service component, a program office — supplies the accrediting authority, and the AO of the sponsoring organization signs the Fixed Facility Checklist and issues the accreditation. DCSA remains the industrial-security overseer of the company, and it inspects collateral facilities and much SAP space, but for a compartmented program the sponsoring agency frequently carves the facility out of the NISP — the “carve-out” — and takes over the security oversight itself, because the agency does not want DCSA inspectors reading into a program they are not cleared for. The engineer’s summary: the walls are built to ICD 705 no matter who pays, but the signature at the bottom of the accreditation belongs to whichever government official owns the information, and that official’s TEMPEST authority, not the contractor’s judgment, decides how much emanation hardening the room gets.
5.3 The heavy operators
Once you know the mechanism, the roster of heavy commercial SCIF operators is unsurprising: it is essentially the top of the defense-contractor league table, plus the newer software-and-drones cohort. The traditional primes — Lockheed Martin, Raytheon (now RTX), Northrop Grumman, Boeing, General Dynamics, L3Harris — run large accredited estates because their classified programs (stealth aircraft, missile seekers, signals-intelligence payloads, satellite ground systems) cannot be executed anywhere else. The services-and-analysis firms that grew up around the intelligence community — Booz Allen Hamilton, SAIC, Leidos, CACI, ManTech, Peraton — are in some ways even more SCIF-dependent, because their product is cleared people sitting at cleared workstations. Booz Allen has publicly described a workforce the large majority of which holds security clearances, much of it at the TS/SCI level; a company like that is, functionally, a staffing and analysis engine bolted onto a large amount of accredited floor space, some of it its own and much of it sitting inside the customer’s spaces.
The newer entrants are worth naming because they represent a cultural shift in who operates SCIFs. Palantir, whose data-integration platforms (Gotham, and the work under the Army/OSD Maven effort) run on classified networks, and Anduril, the autonomy-and-sensors firm, are Silicon-Valley-styled companies that have had to grow the same unglamorous industrial-security apparatus — FCLs, cleared facilities, accredited program spaces — that the old primes spent decades building. The lesson those companies learned quickly is the one this volume keeps returning to: you cannot bolt classified capability onto an ordinary tech-company campus. The compartmented work has to happen inside accredited space, which means either building SCIFs of your own or renting time in someone else’s, and the cost and lead time of doing so is now a real competitive variable in defense acquisition. The industry shorthand has become blunt about it — “no SCIF, no bid” — because a program office increasingly expects a bidder to already possess, or credibly be able to stand up, the accredited space in which the work will be performed.
5.4 Who actually builds them: the SCIF construction and shielding industry
The question the standard never answers is the one a builder cares about most: who physically constructs these things? The government does not send its own carpenters. There is a specialized private industry — a few hundred firms nationally — that exists to design, build, shield, and integrate accredited secure space, and it divides roughly into three layers.
The first layer is the specialty general contractor and secure-space integrator: construction firms that have made accredited work a practice area, that keep ICD 705 and the Tech Spec in their bones, and that can carry a project from the design package through the acoustic test to the AO’s signature. These are outfits like Strategic Solutions Unlimited, Bryan Construction, DAVIS Construction, Evans Federal, and a long tail of regional builders clustered around the intelligence-community geography of northern Virginia and Maryland. Their value proposition is not exotic — it is that they already know how to build a true-floor-to-true-ceiling perimeter, how to detail an STC-rated door and a duct sound-baffle, how to run the RED/BLACK separation, and, crucially, how to produce the paperwork the AO wants without the customer’s program slipping a year. A significant part of what they sell is fluency in the accreditation process itself.
The second layer is the shielded-enclosure manufacturer — the firms that make the actual RF-tight and TEMPEST-grade metal box that lives inside the architectural room when a project needs emanation security. This is a genuinely specialized business with roots in the electromagnetic-compatibility test-chamber world, because an EMC anechoic chamber and a TEMPEST-shielded SCIF are the same physics problem viewed from opposite ends: one keeps interference out so instruments can measure, the other keeps emanations in so an adversary cannot. ETS-Lindgren is the marquee name — it designs and builds SCIFs and RF-shielded enclosures to U.S. and international shielding and TEMPEST requirements, using modular bolt-together copper or steel panel systems with matching RF doors, honeycomb air vents, and power-line filters. Select Fabricators occupies the flexible-materials end of the same market, having built (by its own count) well over a thousand RF-shielded enclosures, and is the go-to for the fabric-and-frame Faraday tents and inflatable shielded SCIFs used by expeditionary units. Alongside them sit Raymond EMC, Holland Shielding Systems (a Dutch manufacturer with a broad shielded-room catalog), Global Communications / AmerSc, and a cluster of others; on the modular-building side, firms like Panel Built, Environmental Structures / ISET, and BMarko sell prefabricated ICD 705-compliant rooms. The distinction that matters technically is that not every SCIF is shielded — RF/TEMPEST hardening is required only when the AO’s TEMPEST authority calls for it — so the enclosure manufacturers serve the subset of jobs where a Faraday layer is in the design, while the specialty GCs handle the far larger population of non-shielded accredited rooms.

The third layer is the newest and the one the market is most excited about: modular and containerized “SCIF-in-a-box” products. Instead of building a room inside a building, a manufacturer builds the entire accredited volume off-site in a controlled factory and ships it. At the light end are bolt-together panel systems (the modular SCIFs from ETS-Lindgren, Panel Built, Armag, and others) that assemble into a free-standing room; at the heavy end are ISO shipping-container SCIFs, built into standard 20- and 40-foot containers so they can move by truck, rail, ship, or a C-130. Armag’s ARC LT is a representative example — an ISO-container T-SCIF engineered, per the manufacturer, for 60 dB of RF attenuation (extendable if the customer needs more) and STC-50 acoustic performance, delivered essentially ready to accredit. The appeal is schedule and quality control: the hard, fussy work of getting the shielding continuous and the acoustic seal right happens on a factory floor with a controlled supply chain rather than on a job site, which also neatly serves the “cleared construction” concern for higher-tier work because the factory is easier to control than a building crawling with uncleared subcontractors.


The expeditionary corner of this industry deserves its own note because it is where the shielding is most visibly the product. When a unit needs accredited space in a field or a hangar with no time to build, the answer is a shielded tent — a fabric enclosure with a conductive layer, an RF-gasketed zipper door, and honeycomb-vented airflow, deployable in hours. Select Fabricators’ inflatable RF/EMI shielded tents are the canonical example; they are, in effect, a Faraday cage you can pack into cases and stand up on site, and they close the loop between the tactical T-SCIF of the previous volume and the shielding industry of this one.

Everything these vendors sell rests on one piece of physics — the Faraday enclosure — and it is worth grounding the industry in it before talking money.


5.5 The economics: cost per square foot and the shielding premium
Public cost figures for SCIF construction exist, and although every builder hedges them, they cluster tightly enough to be useful. Industry writing — a JLL market piece, cost guides from specialty builders, and shielding vendors’ own explainers — repeatedly puts SCIF construction in the range of roughly $350 to $1,000 per square foot, with pure renovation/tenant-improvement work more often landing in the $400 to $800 band once the full scope of penetrations, doors, alarms, and testing is understood. Those numbers dwarf ordinary Class-A office fit-out (commonly well under $200 a foot) for reasons that are entirely legible once you have read the construction volumes: true-floor-to-true-ceiling hardened perimeters, STC-rated assemblies and acoustic sealing, GSA-approved doors and locks, intrusion-detection and access-control systems, isolated mechanical and electrical service, and — where required — the RF/TEMPEST shielding that is the single largest cost multiplier of all.
The cost drivers stack in a predictable order. A room accredited only for open storage costs more than one limited to closed storage (open storage lets classified material stay out on desks, which demands a stronger perimeter and alarm posture). Higher sound groups cost more than lower ones. AA&E (arms, ammunition, and explosives) provisions add cost. And shielding is the discontinuity — a non-shielded SCIF is an expensive room; a fully RF/TEMPEST-shielded SCIF is a metal box inside that expensive room, with every door, vent, pipe, and cable turned into a filtered or waveguide penetration, and the delta between the two can be dramatic. This is exactly why the AO’s TEMPEST authority making the shielding call is such a consequential decision: it is often the line between a project that pencils and one that does not. There is also a strong size nonlinearity — a 900-square-foot SCIF is nowhere near half the cost of an 1,800-square-foot one, because the fixed costs of doors, alarms, testing, and the accreditation process itself do not scale down. The per-foot number falls as the facility grows, which is part of why the “whole building is the vault” approach the government uses at scale is economically rational.
Two more economic realities shape the market. First, the construction method ladder: practitioners generally rank tenant-improvement (building inside existing conditioned space) as the cheapest path, followed by traditional site-built construction, then modular, then container SCIFs as the most expensive per foot — you pay a premium for the factory-built and the deployable, and you buy schedule certainty and quality control with it. Second, time is a cost: with the 2020s revision of ICD 705 and its Tech Spec, industry reporting describes accreditation timelines that can stretch as long as thirty-six months for complex facilities, and a compliance transition running out toward the latter half of the decade. For a contractor bidding classified work, a two-to-three-year lead time on accredited space is a strategic problem, not a line item — which is the economic engine behind the leasing and shared-SCIF models discussed below.
5.6 The corporate secure room: SCIF techniques without the accreditation
Step outside the cleared-contractor world entirely and you find a large, quieter market for rooms that look like SCIFs, are sold using the same vocabulary, and are built by some of the same integrators — but are not accredited SCIFs at all. These are corporate secure conference rooms, and the honest way to describe them is as privacy engineering borrowed from the SCIF discipline without the government in the loop.
The archetype is the secure boardroom at a company doing something it cannot afford to leak: an M&A target evaluating a bid, a legal team preparing for litigation, a pharma company protecting a trial readout, a board discussing a restructuring. The threat model is real but different from the government’s — the adversary is a competitor, an activist investor, a hostile counterparty’s investigators, or a journalist’s source, not a nation-state cryptologic effort. The countermeasures, accordingly, borrow the cheaper and more portable half of the SCIF toolkit. Sound isolation and sound masking address the acoustic leak — including the ultrasonic microphone-jamming systems that inject noise a planted mic will capture but human ears will not. A no-phones rule with a lockbox at the door addresses the recording-and-transmitter problem the way a SCIF’s device policy does. Physical RF shielding appears at the high end — grounded mesh, shielding film, or a bolt-in room-within-a-room from the same enclosure manufacturers who serve the government market — and the more common approach is a periodic or continuous TSCM sweep: a technical-surveillance-countermeasures team that spectrum-analyzes the room for transmitters, physically inspects for planted devices, and sometimes provides in-conference RF monitoring while a sensitive meeting is underway. Firms like Pinkerton and a specialized TSCM industry sell exactly this service to corporate and legal clients.
The “clean room for lawyers” is the same idea applied to documents. In litigation and diligence, a data room (physical or, now, virtual) restricts who may see privileged or highly sensitive material, logs every access, forbids copying, and confines review to a controlled space — a direct echo of the SCIF rule that certain material may be read only inside the accredited room. The mechanism is contractual and procedural rather than governmental, but the design intent is identical: shrink the population of people who can touch the secret, and make every touch auditable.
The engineer should hold one distinction firmly, because the marketing blurs it constantly. A genuinely accredited SCIF exists only when a government Authorizing Official has signed off construction against ICD 705, and it exists to protect classified national-security information. A corporate “secure room” — however good its sound masking and however diligent its sweeps — has no accreditation, no AO, no Fixed Facility Checklist, and no authority to hold classified material. It is a SCIF-like privacy room. The confusion is understandable because the physics and much of the hardware are shared, and because the same vendors will happily build you either one. But the accreditation is the load-bearing difference: it is the government’s warranty that the space meets the standard, and no amount of corporate money buys it absent a sponsor and a classified requirement. A company can build a room to SCIF specifications; it cannot declare the result a SCIF.
5.7 Finance and critical infrastructure
Two civilian sectors have independently converged on SCIF-adjacent practice because their own data is sensitive enough to warrant it. The first is finance. Exchanges, clearinghouses, and large trading operations run secure operations centers where market-moving information, order flow, and the systems that run a market are concentrated, and where the concern is a blend of insider misuse, industrial espionage, and market-abuse liability. The countermeasures echo the corporate secure-room pattern — controlled access, device restrictions, acoustic and sometimes RF treatment, TSCM sweeps around earnings and deal activity — because a leaked pre-announcement number is worth precisely as much to the wrong person as some classified intelligence is.
The second is critical infrastructure, and here the parallel is closest for electric utilities. Data about the bulk power system — where the high-consequence assets are, how the control centers are configured, where the single points of failure sit — is treated as genuinely sensitive because it is a targeting map for anyone who wants to take down the grid. The NERC CIP standards (Critical Infrastructure Protection, the reliability rules NERC enforces across North America) formalize this: CIP-002 makes utilities categorize their BES Cyber Systems by impact, and the high-impact category includes the control centers that operate the grid above defined thresholds. Those control centers get an Electronic Security Perimeter and a Physical Security Perimeter with monitored, restricted access — a control room protected in depth in a way that rhymes with SCIF doctrine even though the governing standard is a reliability regulation rather than an intelligence directive. Water, pipelines, and telecommunications operate secure network- and grid-operations centers on the same logic. None of these are SCIFs unless they also handle classified material — utilities that receive classified threat intelligence from the government do sometimes stand up small accredited spaces to read it — but the design vocabulary of layered access control, monitored perimeters, and controlled data has propagated well outside the government precisely because the underlying problem, protecting a concentrated high-value secret, is the same everywhere.
5.8 Academia, FFRDCs, and the national labs
Universities present the sharpest cultural clash with SCIF doctrine, because the entire point of a research university is open publication and the free interchange of ideas, and classified work is the negation of that. The academic world has resolved the tension with a bright line: keep classified research off the campus proper and push it into affiliated institutions built for it.
The institutional device is the FFRDC — the Federally Funded Research and Development Center — and its close cousin the UARC, the University-Affiliated Research Center. These are private, usually nonprofit organizations that do R&D for the government under long-term relationships, and they are structurally allowed the sustained access to classified and sensitive data that a university department is not. The MITRE Corporation operates several FFRDCs (including the National Security Engineering Center) and is a heavy SCIF operator in its own right. MIT Lincoln Laboratory, founded in 1951 out of MIT’s wartime Radiation Laboratory, is a DoD FFRDC that does deeply classified work in radar, space surveillance, and communications — and it is deliberately located off the main MIT campus, at Hanscom Air Force Base, precisely so the classified work does not sit inside the open university. Johns Hopkins Applied Physics Laboratory, the largest UARC, plays the same role for its sponsors. And the Department of Energy’s weapons and science complex — Sandia, Los Alamos, Lawrence Livermore — are FFRDCs (contractor-operated for DOE/NNSA) that run some of the most extensive classified secure space in the country, because nuclear-weapons work is classified at the highest levels and cannot happen anywhere else.
MIT’s own policy makes the campus/off-campus split explicit and is a useful specimen because it is public. MIT requires that any research on the academic campus be publishable without prior sponsor permission and forbids restricting participation by nationality; a project that needs classification, publication restrictions, or access restrictions must get the Provost’s prior approval, and in practice that classified work is steered to Lincoln Laboratory rather than done in a campus lab. The general mechanism that keeps ordinary university research free of these controls is the Fundamental Research Exclusion — the principle in U.S. export-control and security policy that basic and applied research ordinarily published and shared broadly is not subject to export controls or classification, provided the sponsor imposes no publication approval and no personnel restrictions. The moment a sponsor demands either, the exclusion evaporates and the work has to move into cleared, controlled space — which is why the standard university arrangement is that classified projects go to an FFRDC, a UARC, or an off-campus SCIF (some universities maintain one in an affiliated research park) rather than into the departments. The academic SCIF is real, but it is quarantined by design.
5.9 SCIF-as-a-service and the leasing angle
The economics discussed earlier — six-figure-per-room construction, multi-year accreditation timelines, and “no SCIF, no bid” — have produced exactly the market response an engineer would predict: rather than every contractor building its own, a market for renting accredited space has emerged, and it is one of the more interesting recent developments in the field.
The model goes by “SCIF-as-a-service” or “shared SCIF.” A provider stands up accredited space — anything from a single cleared workstation or cubicle to a full suite — and leases access to it, handling the construction, the accreditation relationship, the alarms, and the ongoing security administration so the tenant does not have to. Underused federal and GSA-managed SCIFs, and purpose-built commercial SCIF suites, are increasingly offered on subscription or short-term lease. For a small firm that has won a classified task but has neither the capital nor the two-to-three-year runway to build its own facility, renting time in an accredited room is the difference between being able to bid and not. The one thing the service model cannot abstract away is the sponsorship requirement: a shared SCIF still needs a government sponsor, a government Authorizing Official, and an accreditation — the provider can own and operate the walls, but the tenant’s specific classified work still has to be blessed into the space by the government customer that owns the information.
There is a parallel real-estate angle that has turned SCIFs into a leasing amenity. Law firms that advise on government real estate (Holland & Knight, among others, have written on it) now treat SCIF-capable space as a distinct lease category with its own peculiarities: who pays for and owns the buildout, what happens to a highly specialized shielded room at lease end, how the accreditation survives a change of tenant, and how a landlord’s ordinary access and maintenance rights collide with a room the tenant’s government customer will not let the landlord enter. Developers in the intelligence-community geography have begun putting up buildings designed to accommodate accredited space — adequate slab-to-slab heights, structural capacity, isolated mechanical paths, controlled risers — on the bet that a building that can cheaply host a SCIF will command better tenants, longer leases, and higher rent than one that cannot. The SCIF has, in other words, completed the journey from a government secret to a line on a commercial leasing brochure.
5.10 What the commercial builder actually has to satisfy
Strip away the ownership and financing and the commercial SCIF reduces to the same engineering acceptance test as the government’s. A builder delivering a genuine accredited facility must satisfy the IC Tech Spec in construction — the hardened perimeter, the acoustic performance, the door and lock schedule, the alarm and access-control systems, the penetration treatments — and must produce the design package and the Fixed Facility Checklist that let a government Authorizing Official sign the accreditation. Where the sponsor’s TEMPEST authority requires it, the builder must add the RF/TEMPEST shielding and pass shielding-effectiveness testing; where the tier demands it, the sensitive construction must be performed as cleared construction, using vetted personnel and controlled materials, for the same supply-chain reason the Moscow embassy taught the government decades ago. A corporate privacy room, by contrast, has to satisfy only its owner: there is no AO, no checklist, and no accreditation — just a client who wants to be reasonably sure the boardroom is not bugged.
That single difference — an accountable government signature against a published standard, versus a private party’s own satisfaction — is the whole distinction between the two products this volume has surveyed. The physics is identical, the vendors overlap, and the sound-masking hardware may come off the same shelf. But only one of them may lawfully hold the nation’s secrets, and the thing that makes it so is not the copper or the concrete. It is the accreditation, and the accreditation belongs, always, to the government.
Sources
- Defense Counterintelligence and Security Agency (DCSA), Facility Clearance (FCL) program materials and Orientation Handbook — https://www.dcsa.mil/ ; FCL process overview and NISS small-business guide.
- Center for Development of Security Excellence (CDSE), Facility Clearances in the NISP (IS140) student guide and glossary — https://www.cdse.edu/
- U.S. Department of State, “Facility Security Clearance (FCL) FAQ” — https://www.state.gov/facility-security-clearance-fcl-faq
- 32 CFR Part 117 (the NISPOM as codified) and the National Industrial Security Program background.
- JLL, “Navigating the New Era of SCIF Construction: Compliance, Security & Strategy” — https://www.jll.com/en-us/insights/navigating-the-new-era-of-scif-construction-compliance-security-and-strategy (cost range $350–$1,000/sq ft; accreditation timelines up to 36 months).
- Salian Defense, “How Much Does a SCIF Cost? Budgetary Ranges & Cost Drivers” — https://saliandefense.com/scif-cost
- Strategic Solutions Unlimited, “The Cost to Build a SCIF or SAPF” and “Sensitive Compartmented Information Facility (SCIF)” — https://strategicsolutionsunlimited.com/ (construction-method cost ordering; size nonlinearity).
- National Shielding, “SCIF Construction & ICD 705 Shielding Requirements Explained” — https://www.national-shielding.com/blogs/learn/scif-construction-icd-705-shielding-requirements
- ETS-Lindgren, “SCIF” and RF-shielded-enclosure product lines — https://www.ets-lindgren.com/solutions/security/scif/
- Select Fabricators, Faraday tents / inflatable RF-EMI shielded SCIF tents — https://www.select-fabricators.com/
- Armag Corporation, “ARC LT T-SCIF” and Modular SCIFs (60 dB RF attenuation, STC-50) — https://www.armagcorp.com/scifs/
- Panel Built, “Modular SCIF Rooms | ICD 705 Compliant Facilities” — https://www.panelbuilt.com/products/scif-rooms/
- Universal Modular / BMarko / CenCore, container and prefabricated SCIF product literature — https://www.umodular.com/container-scif ; https://cencoregroup.com/
- Holland & Knight, “Leasing SCIF Space: How the New ICD-705 Affects Leases” and “Considerations for Landlords and Tenants” — https://www.hklaw.com/
- Plante Moran, “No SCIF, no bid: Why classified space is now essential for federal contractors” — https://www.plantemoran.com/
- TSCM industry references: Pinkerton TSCM services (https://pinkerton.com/investigations/tscm-technical-surveillance-countermeasures) and TSCM America in-conference monitoring (https://tscmamerica.com/).
- MITRE, “FFRDCs — A Primer” — https://www.mitre.org/ ; MIT Lincoln Laboratory FFRDC page — https://www.ll.mit.edu/about/organization/federally-funded-research-and-development-centers
- MIT Policies 14.2, “Open Research and Free Interchange of Information” — https://policies.mit.edu/ ; MIT Office of the VP for Research, “Fundamental Research” — https://research.mit.edu/
- “MIT panel urges off-campus sites for classified research,” MIT News (2002) — https://news.mit.edu/2002/classified-0612
- NERC CIP standards overview (CIP-002 BES Cyber System categorization; Electronic/Physical Security Perimeters) — https://www.nerc.com/ and industry explainers (TechTarget, Fortinet).
- Wikipedia, “Federally funded research and development centers” and “Faraday cage” (background) — https://en.wikipedia.org/
Comments (0)