Risk Reduction Strategies against Terrorist Acts in Urban Built Environments: Towards Sustainable and Human-Centred Challenges

: Terrorist impacts have been increasing over time in many countries, being one of the most signiﬁcant threats for the Built Environment (BE), intended as a network of open spaces (streets, squares) and facing buildings, and their users. Such risk is affected by a combination of strategic functions and crowd conditions. This work traces, for the ﬁrst time, the state-of-the-art consolidated Risk Mitigation and Reduction Strategies (RMRSs). Solid RMRS regulatory frameworks from all over the world are collected. The results show how classiﬁcation criteria distinguish them by attack targets and typologies, effectiveness over time/space, and physical implementation versus management-based deployment. Nevertheless, these criteria seem to be too fragmented, failing in pursuing RMRSs selection in a holistic outlook. Thus, a new classiﬁcation adopting the BE composing elements (physical elements, layout, access/surveillance systems, safety/security management) as key-factors is provided. Features, dependencies and coordination among them are discussed in a sustainability-based perspective, by showing how the main challenges for RMRSs’ design concern applicability, redundancy, and users’ emergency support. Safety/security management strategies have the overall highest sustainability level and play a pivotal role with respect to the other BE composing elements, which should be planned in reference to them. In addition, a human-centred approach (individuals’ interactions with BEs and RMRSs) will also be needed. These results will support efforts to include simulation-oriented approaches into RMRSs selection, effectiveness and feasibility analyses.


Introduction
Terrorist impacts have been increasing over time in many countries, being one of the most significant threats for the Built Environment (BE) and its users [1,2]. Emergency conditions due to a terrorist act occur quickly and unexpectedly and are moved by the "will" of the attackers "to hurt innocent people, kill or injure them, or inflict significant damage on essential infrastructure at a single instant or over time, or plan to do so, to bring about political, religious or ideological aims" [3]. Thus, they can be categorized as man-made destructive actions [4,5]. Due to their unpredictable occurrences, they are assimilable to Sudden Onset Disasters (SUOD) [6,7].
The more frequent environments where terrorists perform attacks seem to be urban BEs, especially if highly populated [2,[8][9][10]. According to consolidated approaches [11][12][13], targets are defined in terms of: (1) quantity, such as the number and typologies of BE users, tourist presence, the economic values of a BE and hosted activities; (2) quality, by preferring strategic buildings and symbolic targets, such as cultural, religious and institutional places and their occupants. Large cities seem to be more potentially affected by terrorist acts, between RMRSs and emergency behaviours; (2) individuals' perception issues, including liveability of the BE; (3) applicability of the strategies in different users' presence contexts, by mainly focusing on mass gatherings as critical conditions for BE use; (4) and capabilities given by behavioural simulation models in the RMRSs definition and validation process.
In agreement with these objectives, this work is structured in the following sections. Section 2 collects solid regulatory frameworks and guidelines from high-risk affected countries all over the world, and then resumes the existing classification criteria of RMRSs provided by them and in view of previous literature works, according to a classical review approach. Section 3 organizes data from the regulatory frameworks into the different elements composing the BE and its management, while Section 4 discusses them according to the sustainability-based, holistic and human-centred perspectives.
The described goals and instruments are functional and are part of the National Relevant Interest Research Project BE S 2 ECURe (funded by the Italian Ministry of Education, University, and Research), in which the terrorist risk assessment in crowded BEs is combined with other threats (earthquakes, heat waves and pollution) in order to determine a performance-based approach useful in measuring the multi-risk resilience of BEs [41]. In this holistic approach, the project and this work include human-centred factors as a key metric element, thus overcoming the limitation of current approaches, which seem to generally underestimate the influence of users' behaviour in disasters and their relation with elements composing the BE and its management.

Selection Methodology, Selected Materials and Review Organization Methods
The main regulations and guidelines of specific countries from all over the world concerning general RMRSs for terrorist act-prone BEs are analysed. The documents have been selected by starting from existing international reports [13] and by essentially considering: (1) the impact of terrorist acts and the high exposure to these type of attacks of selected countries, especially in the last few years, according to global terrorism databases and reports such as [1,2]; (2) in view of the previous point 1, the presence of solid regulatory frameworks and guidelines which are freely available online in a complete version; (3) direct reference to the built environment as the common goal of the regulatory frameworks, including both its layout and its emergency management system, rather than the inclusion of general counter-terrorism measures such as intelligence-oriented ones, based on actions by Law Enforcement Agencies.
Appendix A- Table A1 summarizes the list of documents selected by the current work. The main European countries and the United States of America are selected because they seem to represent the most significant scenarios according to the aforementioned criteria. Some additional countries, i.e., Australia and India, are included in view of their exposure levels as well as of the availability of documents concerning organized regulatory frameworks. Considering the 2019 reports on terrorism risk all over the world, "in North America, Western Europe, and Oceania, far-right attacks increased by 320% over the past five years" (that is the period 2013-2018) [1]. Meanwhile, the number of incidents in the countries placed in these geographical areas increased by about +114% in comparison to the years 2009-2013 [2]. For India, an increase of 40% in incidents was noticed in comparison to the years 2009-2013 [2].

Classifications of Terrorist Act Risk Management and Reduction Strategies
According to the literature overview discussed in Section 1.1, RMRSs can be classified according to the main criteria summarized in Table 1. Target-oriented classifications are based on the specific features of the BE prone to the terrorist act, mainly in terms of hosted activities (Section 2.2.1). The attack-oriented classification highlights that RMRSs should face specific threat conditions (Section 2.2.2). Time-dependent and space-dependent strategies underline how RMRSs have different goals depending on their relationship with Sustainability 2021, 13, 901 4 of 29 the terrorist attack timing (Section 2.2.3). Space-dependent oriented classifications are based on the localization of the strategies into the BE itself (Section 2.2.4), thus sharing implementation criteria with architectural and management issues in RMRSs' application in the BE (Section 2.2.5). Table 1. Summary of classification of Risk Mitigation and Reduction Strategies (RMRSs) in terrorism-prone Built Environments (BEs), by outlining main classification options, differences to classify the RMRSs depending on their purpose or implementation-related features, the main references and the interactions among the classification criteria.

Target-Oriented Classifications
A basic classification of RMRSs can be related to the target definition on which they are applied [10,11,18]. The classification of general RMRSs for "hard targets" mainly involves the restriction of area access to the public and the existence of invasive surveillance solutions by Security Forces. On the contrary, RMRSs for "soft targets" do not involve such severe measures. Moreover, RMRSs can generally be divided into active and passive control. According to consolidated literature definitions [8], active control includes "electronic surveillance, private security guards, and the laws and rules of conduct that can restrict actions, influence behaviours or impede interaction", while passive control measures are "rather more subtle and include aesthetic and 'streetscape' features".

•
Active actions, where a bi-univocal relation between overarching governances and urban users is activated by including prevention (i.e., active military intelligence), mitigation (i.e., active education of BE users) and security/safety (active surveillance solutions); • Passive actions, in which any feedback is established by users and overarching rules/ guidelines/indications are simply applied, by including prevention (i.e., passive normative regulations), mitigation (i.e., passive information of the BE users) and security/safety (i.e., passive control for urban space design and security).
In this sense, such strategies can have a relation of impact concerning: (1) the implementation through the aforementioned strategies for "hard" and "soft" targets; (2) the interactions with the users.
Active and passive RMRSs could be classified according to their level of (in)visibility in the BE, thus influencing the different perception levels of the hosted users as well as the terrorists [8]. In particular, invasive RMRSs are generally characterized by a high impact on the BE in terms of application. In fact, they include a widespread implementation of measures (active strategies such as video surveillance systems or Security Forces control) and a significant aesthetic impact (passive strategies such as heavy barriers), thus being more oriented towards the context of hard targets. They generally have a low level of sustainability (i.e., scarce adaptability, invasive for citizens) for the BE, especially in relation to normal use conditions, being oriented to overt security purposes. On the contrary, visible RMRSs are integrated into the BE by maintaining a reduced aesthetic impact since they can also be used for normal use conditions according to a "camouflaged" approach (passive strategies such as urban furniture that can be used as barriers in case of a terrorist attack). Finally, according to consolidated definitions [8], invisible RMRSs are not perceived by the public since they are "covertly embedded within the urban landscape" or they are applied to specific elements in the BE that are not generally acknowledged as security-oriented by the public (e.g., façades). In this sense, visible and invisible RMRSs are more oriented towards soft target application, leading to a "security by design" approach for a sustainable BE [13]. Table 2 summarizes the countermeasures according to the concept of "visibility" and "activeness" of the involved elements.  [30,[48][49][50][51] relating the "visibility" of measures and "activeness" of urban users. "N.A." means not assessed since no measure can be evidenced in existing research. According to the aforementioned target-oriented classification and focusing on "soft target" related issues, other approaches can distinguish RMRSs depending on the BE main intended use (both indoors and outdoors), based on the national regulations concerning them [13,42,43]. In particular, RMRSs can be divided according to the classification in Table 3, which is based on the combination between the intended use of a BE and crowd conditions such as occupants' loads and typology of hosted individuals in terms of famil- iarity with the BE (for BEs as working places, please also compare strategies related to the safety and health of workers from a national point of view). Table 3. The main classification of the intended use of BE and crowd conditions in reference to the RMRSs proposal.

BE Classification Examples of Intended Uses Related Main RMRSs
Public spaces commercial (mainly, great shopping centres), sporting (stadia, arenas and playgrounds in general, both indoor and outdoor); Closely combined with those related to additional safety fields, i.e., fire safety and workers' safety and health, especially for those hosted by buildings in the BE entertainment (e.g., theatres, cinemas); accommodation facilities (e.g., hotels) restaurants and bars/pubs BEs hosting mass gathering events or possible crowd conditions (both indoor and outdoor, e.g., pedestrian areas) BEs for the community, having also a symbolic feature as a terrorist target BEs for education (mainly, schools) Grouped in with similar crowd conditions and partially controlled access systems (e.g., depending on the different areas of the BE, such as for schools or hospitals), and also correlated to RMRSs for public spaces BEs for religion (e.g., churches, temples) healthcare centres (e.g., hospitals) BEs for transportation public spaces for transportation (e.g., airports, train stations, harbours) Possibility of areas with restricted access and also need to coordinate the RMRSs by contemporarily involving the BE occupants' and passengers' (onboard the means of transport) safety, the modelling of specific damage and injuries due to the transportation hub typology, and the business continuity elements the means of transport themselves Other BEs (almost private ones) BEs as working places Low complexity strategies thanking the possibility of access control in the areas, thus intervening in specific elements of the BE or in management issues (also compare with Section 2.2.4 classification) residential buildings In such a context, RMRSs connected to significant crowd levels in these BEs assume a transversal role due to the risk-increasing factors induced in the management of terrorist acts [42,52]. Nevertheless, regulations and guidelines evidence the dependency between such scenarios and specific RMRSs in outdoor areas [32,53] with respect to: (1) the hosted event (in terms of crowd typology and quantity); (2) the event layout; (3) the definition of different zones open to the public; (4) the access system; (5) the emergency management system and facilities.
Finally, differences between safety and security goals can distinguish RMRSs in the BE [7,32,42,44]. Although additional differences and similarities between the two goals exist, current frameworks [7,44] evidence how: • Safety strategies are essentially oriented towards the protection of the hosted users from all the failures that can appear in the BE. They limit the fatalities due to their use in some risk-increasing conditions, such as those of mass gathering events, as well as due to the consequences of the terrorist acts, such as injuries and deaths due to the attack-related emergency; • Security strategies are essentially oriented towards the contrast of intentional actions due to the terrorist act and thus preserve the public order. They mainly include all the measures performed by the Security Forces before and during the attack.

Attack-Oriented Classification
RMRSs are differently organized to respond to the specific features of the terrorist acts. Main classifications can refer to the following issues.
Firstly, RMRSs can be organized according to the types of threat to be faced [43]. Internal threats essentially involve intrusion into the building by a person or persons with the intent of executing an attack. They could be mainly faced by access control strategies (compare to hard/soft target classifications) inside the BE, contrary to external threats, which imply an attack from the outside of the BE.
Secondly, some RMRSs can be effective in a limited number of typologies of attack [10,19,35,42]. Although the "modus operandi" of the terrorists can vary over time and space, main recurring typologies can be classified, as remarked by by Table 4. In particular, Table 4 organizes the typologies of attack according to the analogous attack types definedby Global Terrorism Database (GTD) classification, and traces if short-term or long-term (up to disruption) effects on the BE and its users can be provoked by the attack typology.
Finally, terrorist attacks are evolving dynamically, "shifting from symbolic, highly planned attacks to attacks that could occur anywhere, at any time, with the potential for mass casualties and infrastructure damage" [54]. RMRSs could be required to face localized attacks as well as Complex Coordinated Terrorist Attacks (CCTAs), such as multiple attackers' teams, attack locations, and attack types. RMRSs against CCTAs require a more complex cooperation system between the solutions implemented within the BE, the First Responders, the Security Forces, and the community [54,55].

Time-Dependent Classifications
RMRSs could also be distinguished depending on time, thus being correlated to the kind of threat and attack, as discussed in Section 2.2.2. Preventive (effective before, i.e., to deter, detect and delay) and emergency management (effective during) strategies can be mainly identified since they respond to different counter-terrorism goals [3,27,35,40,43,44]. Furthermore, emergency management strategies to be applied during and after the incident have different priorities depending on the operational timeline, thus limiting the effectiveness of some of them to specific time spans [35]. This kind of classification can also be related to the timing of behavioural issues in case of a terrorist act, thus linking the RMRSs to the contrast of risky behaviours or the promotion of correct responses by the users of the elements composing the BE [3,22,34,40,44]. In this view, RMRSs could be related to the different phases characterizing a terrorist act, which show different behaviours depending on the man-man, man-BE and man-threat sources interactions [22,44].

Space-Dependent Classifications
Regardless of the BE target-related features and main intended use and of the BE specific layout (e.g., building-related configuration of outdoor areas), RMRSs could be distinguished depending on space, thus being correlated to the kind of threat and attack as for time-dependent classification. Table 4. Global Terrorism Database (GTD) classification of the "modus operandi" of the terrorists and correlation with attack typologies, their specifications and main terms of their effects. It can compromise the functionality of a BE by limiting/affecting the state of their infrastructural elements (e.g., water or electrical supply, cyberterrorism towards the BE facilities), thus provoking not only physical damages but also economic and social ones

GTD Classification
From a general point of view, since terrorist acts are generally focused on specific elements composing the BE, RMRSs should be differently organized according to the considered distance from the target by creating different zones [46,52,56,57]. This concept is mainly associated with bombing or armed assaults, such as in the definition of stand-off distances and zones, but it could be extended to other kinds of attack, e.g., vehicle attacks (i.e., the relation between areas that can be accessible or not by vehicles). As a consequence, such a classification evidences how the strategies should be deployed by considering the effective BE features for RMRSs deployment and the relationship between each part of it and the surrounding BEs [45,46,56].
On this basis, "zone" or "layer of defence" design approaches have been organized by previous guidelines, thus focusing on the BE site definition [45,46]. Figure 1 schematizes the main elements of the "zone" and the "layer of defence" design approaches for general (e.g., the simplest configuration of an isolated building site-see Figure 1A), linear (see Figure 1B) and areal (see Figure 1C) situations. each part of it and the surrounding BEs [45,46,56].
On this basis, "zone" or "layer of defence" design approaches have been organized by previous guidelines, thus focusing on the BE site definition [45,46]. Figure 1 schematizes the main elements of the "zone" and the "layer of defence" design approaches for general (e.g., the simplest configuration of an isolated building site-see Figure 1A), linear (see Figure 1B) and areal (see Figure 1C) situations. Figure 1. Scheme of the "zones" and "layer of defence" approaches to RMRSs in a BE for: (A) general BE (e.g., isolated or single buildings); (B) linear BE; (C) areal BE. On the bottom (D), the zoning scheme derived from GSA (U.S. General Services Administration) [45] is compared to the layer of defence given by FEMA 426 [46], by evidencing the legend for the upper part of the figure.
In particular, the main and essential RMRSs-related scheme can be based on existing regulations based on the following three "layers of defence" [46]:

•
The First (or Outer) Layer (in the following, L1) is composed of all the barriers placed at the borders of the considered open space (e.g., for isolated buildings, the property line; for complex linear or areal BEs in urban scenarios, the limit of the area considered to be protected by RMRSs). The urban areas and the BEs placed beyond L1 are not controlled by the BE stakeholders and users. L1-related RMRSs are essentially based on the possibility to create a limit for the BE-related RMRSs and to relate all the RMRSs involved in increasing urban resilience (e.g., involvement of the In particular, the main and essential RMRSs-related scheme can be based on existing regulations based on the following three "layers of defence" [46]:

•
The First (or Outer) Layer (in the following, L1) is composed of all the barriers placed at the borders of the considered open space (e.g., for isolated buildings, the property line; for complex linear or areal BEs in urban scenarios, the limit of the area considered to be protected by RMRSs). The urban areas and the BEs placed beyond L1 are not controlled by the BE stakeholders and users. L1-related RMRSs are essentially based on the possibility to create a limit for the BE-related RMRSs and to relate all the RMRSs involved in increasing urban resilience (e.g., involvement of the population, security and safety strategies for urban areas, security forces operation and counterterrorism actions) [3,13,29] The Second (or Middle) Layer (in the following, L2) is associated with the areas and objects deployed from the BE internal border to the exterior limit of the core elements. It refers to the physical envelope of subparts of the BE also outdoors, such as specific barriers enclosing areas in the BE, that are courtyards, gardens, restricted access areas in public open spaces (including those related to temporary BE use conditions, such as for mass gathering events). L2-related RMRSs provide a standoff into the open spaces in the BE, being under the direct control of their stakeholders. The site includes all the related areas, by referring to both those which can host the core elements (compare to the following Third Layer) and to the (outdoor) distribution spaces (e.g., access roads, evacuation paths, ancillary spaces); • The Third (or Inner) Layer (in the following, L3) usually refers to the envelope and/or to the inside of the core elements, which can be majorly identified as attack goals. It can mainly involve specific buildings [46], but also outdoor areas, such as band stages, art stands, and observation areas open to the audience [44,54]. This layer separates "unsecured from secured areas". As a consequence, L3-related RMRSs are effective to limit the possibility that a terrorist act could happen or affect the core of the BE.

Physical Versus Management-Oriented Classifications
Previous works categorize RMRSs depending on physical and management-related elements composing the BE on which designers should act to reduce or to respond to the terrorist risk [13,32,42,43,46].
According to Section 1, the main physical elements are essentially the buildings and the open spaces in the BE (by including urban furniture). In this sense, they follow the general "layer of defence" organization [46]. In particular, if considering the furniture, a permanent or a temporary application of the RMRSs-related elements can be distinguished, thus dealing with livability and (in)visibility concepts [8,32,58].
The physical measures adopted in three layers should be additionally supported by management strategies, essentially based on the operational aspects [13,21,42,46], and mainly on: • Security and safety planning strategies to be applied before and after the attack, based on risk assessment methodologies which can better identify the BE vulnerabilities; • People's involvement, improving risk awareness, preparedness and response of the users; • Policies, regulation and finance (including insurance-oriented) supporting the hosted activities (mainly economic ones and those with social impact).
Finally, some RMRSs can involve different physical and management issues, regardless of the elements to protect. The main examples are represented by drone-based and video surveillance-based RMRSs, which should adopt specific management actions combined with physical measures in the BE [13,29].

Classifying Existing Paradigms by Considering the BE Elements
Existing RMRSs classifications in Section 2 suggest that RMRSs can be assigned to different elements composing the BE and its management [46]. This approach is consistent with the Section 2.2.5 outline and focuses on the effective elements to be planned by safety designers [13,32,42,43,46]. Based on the general definition for physical versus managementoriented classifications in Section 2.2.5, RMRSs can be classified considering the key factors organized by Figure 2. In particular, they encompass:

•
The design of the physical elements composing the open space in the BE, by focusing on those used as perimeters (e.g., building façades, barriers in outdoor areas) and those placed inside it (e.g., outdoor areas and buildings having a specific function and/or feature) (Section 3.1); • BE layout, by involving RMRSs dealing with the organization of indoor and outdoor spaces, distance-related issues (i.e., standoff), and emergency facilities (Section 3.2); • Access control and surveillance, dealing with the strategies to be implemented towards such goals on the border of/inside the BE (Section 3.3); • Safety and security management, evidencing how safety and security staff actions could reduce the risk before/during the threat (Section 3.4).
This classification ensures the creation of a unique analysis layer on which specific actions are assigned to compose physical and management-related aspects. It succeeds in having a possible multi-purpose standpoint with respect to the target, the attack, and the time and space dependency. Nevertheless, some approaches are related to specific attack types as a direct consequence of their design principles and goals. The following classification discussion tries to evidence such issues. Dependencies between the RMRSs are discussed to evidence how they could be jointly implemented to improve the sustainability of safety and security in terrorism-prone scenarios. and/or feature) (Section 3.1); • BE layout, by involving RMRSs dealing with the organization of indoor and outdoor spaces, distance-related issues (i.e., standoff), and emergency facilities (Section 3.2); • Access control and surveillance, dealing with the strategies to be implemented towards such goals on the border of/inside the BE (Section 3.3); • Safety and security management, evidencing how safety and security staff actions could reduce the risk before/during the threat (Section 3.4). This classification ensures the creation of a unique analysis layer on which specific actions are assigned to compose physical and management-related aspects. It succeeds in having a possible multi-purpose standpoint with respect to the target, the attack, and the time and space dependency. Nevertheless, some approaches are related to specific attack types as a direct consequence of their design principles and goals. The following classification discussion tries to evidence such issues. Dependencies between the RMRSs are discussed to evidence how they could be jointly implemented to improve the sustainability of safety and security in terrorism-prone scenarios.

RMRSs by the Design of the Physical Elements
The "safe perimeter" strategy can be performed by implementing specific obstacles along the frontier of the BE with the paramount aim of avoiding the access of vehicles to the target. According to their psychological effects in terms of users' insecurity [8,51], the physical elements evolved towards the concept of visible/invisible solutions, adding invisible or well-integrated products or solutions to traditional heavy barriers (e.g., concrete ones) [8,46]. All these solutions require discussion in terms of mitigation efficacy [32,44,46], aiming at their qualifications in terms of:

•
Resistance to impacts that usually depend on vehicle typology and speed; • Geometric efficacy when solutions are a system of independent elements; • Emergency compatibility to guarantee the possibility of moving out of the BE site (e.g., correct dimensioning of passages, barriers that can be knocked out by evacuees).
The "Building shape" is mainly applied to buildings with the main purposes of: • Facing blast load effects. In this sense, these strategies firstly consider building geometry, size (e.g., horizontal development is preferred to a vertical one) and façade continuum (re-entrant corners, circular and concave forms). Furthermore, the

RMRSs by the Design of the Physical Elements
The "safe perimeter" strategy can be performed by implementing specific obstacles along the frontier of the BE with the paramount aim of avoiding the access of vehicles to the target. According to their psychological effects in terms of users' insecurity [8,51], the physical elements evolved towards the concept of visible/invisible solutions, adding invisible or well-integrated products or solutions to traditional heavy barriers (e.g., concrete ones) [8,46]. All these solutions require discussion in terms of mitigation efficacy [32,44,46], aiming at their qualifications in terms of:

•
Resistance to impacts that usually depend on vehicle typology and speed; • Geometric efficacy when solutions are a system of independent elements; • Emergency compatibility to guarantee the possibility of moving out of the BE site (e.g., correct dimensioning of passages, barriers that can be knocked out by evacuees).
The "Building shape" is mainly applied to buildings with the main purposes of: • Facing blast load effects. In this sense, these strategies firstly consider building geometry, size (e.g., horizontal development is preferred to a vertical one) and façade continuum (re-entrant corners, circular and concave forms). Furthermore, the immediate building surroundings could additionally ensure a positive effect, by using safe perimeter-based solutions (e.g., barriers against bombings, outdoor spaces planoaltimetric configuration, and so on); • Preventing possible assaults of terrorists inside the buildings (e.g., intrusion and armed assaults or following bombing as internal threats) or in the immediate surroundings. In this sense, these strategies try to ensure the possibility of blocking views of the inside assets to perpetrators or improve the building control (see Section 3.3). As well for this attack type, the buffer zones could support such strategies while being combined with building orientation, vegetation use, building components and external area planning elements (e.g., obstruction screens and man-made hillsides).
According to existing frameworks [46], these measures should be combined with: (1) safe perimeter and standoff measures to reduce the risk of building occupants, by means of unoccupied or low occupancy areas in the proximity of the entrances and of the perimeter (e.g., buildings envelope); (2) management strategies, by identifying secured and unsecured areas within a building and separating them with buffer zones. Such characteristics evidence how they can be difficultly compatible in the case of application to existing BEs, unless the interventions are applied to the elements in the open spaces. Finally, the coordination between building shape and emergency layout-oriented strategies could increase the evacuation motion towards the shelters or the building exits, as for general fire safety solutions.
The "Façade protection" can guarantee the limitations of threat and damages propagation from the outside into the buildings. Structural properties, in reacting to bombing attacks, assume a paramount role indeed [42,43,46]. However, it is referred to the most vulnerable element in facades (e.g., windows, doors or structural glass) as additional protection near to the discussed "building shape" as well as the BE layout-related RMRSs [46]. According to existing frameworks [35], technical details concern these ideas:

•
Laminated glass with an inner layer of polyvinyl butyral well secured into the frames is preferred. Concerning their position, windows are placed low down, reducing the distance of flying glass into the room. • Security doors provide enhanced protection against forced entry and overall resilience of the outer shield of the building; moreover, doors should be bomb resistant, bullet resistant and extreme-intrusion-attempts resistant.
Such characteristics evidence how they can be limitedly sustainable in case of application to existing BEs, unless the interventions are applied to the simple retrofit of the existing building components.

RMRSs by BE Layout
The "standoff " oriented RMRSs can be implemented in relation to the safe perimeter and related BE site layout, combining minimum distances with physical elements or specific area to keep vehicles away from the entrance of buildings or their more vulnerable parts [46]. Standoff oriented RMRSs are specifically adaptable to increase the distance between bombing sources and specific targets.
"Sheltering" RMRSs are a human-centred solution aimed at protecting the BE occupants in safe areas placed as close as possible to their position before the attack. Their efficiency depends on the implementation of proper "emergency layout" and "emergency plan" measures as well as on "structure" oriented measures to contrast the attack-related damages [57]. Such strategies are borrowed from emergency plans concerning fires or climate-related events (e.g., storms, hurricanes) and they are usually identified as safety areas located inside the buildings [34]. In fact, "sheltering" inside buildings (as an "invacuation" or "inward evacuation" procedure) can be a valid approach for outdoor areas in the BE in the case of attacks due to external threats in respect to the buildings themselves, such as vehicle attacks, armed assault or even low-level risk of chemical, biological and radiological (CBR) attacks [42,52,57]. The effectiveness of such RMRSs can be guaranteed when combined with:

•
The design of physical elements in the BE, adopting "Façade protection" measures to contrast the attack itself; • The aforementioned "emergency layout" strategies by integrating them with the support of management solutions. In this sense, additional RMRSs can mainly concern: (1) correctly signalling the sheltering areas by means of signs or by using "emergency plan" related actions by safety and security staff members; (2) also promoting "users' involvement" before the event; • Additional "access control and surveillance" solutions to impede the attackers who could arrive at the shelters.
"Area division" and "emergency layout" related measures can be guaranteed by correctly applying the RMRSs relative to "safe perimeter". Through their implementation, the open spaces in the BE should be divided into sectors able to host a definite number of occupants, and they are fully designed in mass gathering events. Furthermore, the contribution of each outdoor and indoor element towards this analysis should be considered. Specific areas should be circumscribed when locating emergency facilities, and access and exit points should be identified with well-delineated borders by controlling the crowd flows [32,44]. "Emergency layout" strategies can also limit critical phenomena in crowd motion to reduce time-increasing and individuals' safety-decreasing man-man interactions, such as counterflow movements along the evacuation paths or high-density crowd conditions [38,59].

RMRSs by Access Control and Surveillance
"Access control" is a paramount strategy for hard targets or in case of mass gathering events due to its strongly deterrent character for terrorist attacks [9,29,32,46]. Safety personnel are often employed to manage such controls by following specific management procedures. If combined with safe perimeter solutions (i.e., heavy barriers), they constitute the most invasive solutions [8]. However, novel technologies could be employed to speed up the access controls and to make them less invasive, such as body scanners, metal detectors and optical devices for counting people. The use of video surveillance systems (CCTVs), distributed across the overall BE, can support the investigations of intelligence authorities to prevent possible terrorist attacks and to detect the perpetrators after the event. In addition, the effectiveness of these two RMRSs are strictly influenced by: (1) the application of reliable coordination actions; (2) the robustness of the infrastructure which collects and disseminates data between the First Responders and the LEAs [11,29].
In addition to these two main control and surveillance RMRSs classes, "illumination" represents a real and psychological deterrent for continuous or periodic observations by an aggressor, as well as a low-cost solution [46]. Different illuminance conditions can be designed to be increased over time, while site lighting can be helpful as a response to different levels of alert or to support users in attack-affected conditions (e.g., proper illuminance of the emergency layout). Finally, security illumination tools should be combined with CCTV since the cameras may need high intensity, low intensity, or infrared light for proper operation.

RMRSs by Safety and Security Management
"Security personnel" mainly include LEAs, Security Forces, and other surveillance bodies in soft targets. They should perform all the actions mainly related to security issues [7,44] that are: (1) before the event, to mainly deter and detect possible attackers; (2) during the attack, to mainly support First Responders in "first aid" operation in the immediate aftermath and to detect the assaulters. In a "coordination" perspective, they should be adequately trained to face effective conditions, and they also require the implementation of effective access control and surveillance RMRSs [32,42,44,60]. From a procedural point of view, while responding to the attack conditions, RMRSs concerning "security personnel", "first aid" and "coordination" should also be strongly supported by the emergency plan and emergency layout. In addition, tools to estimate the damage caused by the attack itself by including both direct fatalities due to the event and crowd-related and behavioural-based phenomena (e.g., crushing effects in the crowd) can support the combined planning of such RMRSs [38,40,44,61].
In view of the above, it is important to underline the role of two main RMRSs. Firstly, the "emergency plan" becomes a key element in management oriented RMRSs. This is the sum of subsequent indications for emergency personnel and users about the employment of the predisposed emergency facilities. Therefore, emergency plans have to be strictly related to the other RMRSs and able to organize and create interactions among them. Emergency coordinators and designers should have the capability to comprehend every key aspect and potentiality of each emergency measure and to take advantages from them by putting each RMRS into communication, to prevent and discourage the attack and to work jointly after the attack. Emergency plans have to take into account the main features of soft target typologies, which depend on their intended use. In particular, they have to face with the possibility that specific activities take place, and, in the case of mass gathering events, with the expected number of people (which can sensibly vary in soft targets and, especially, in outdoor areas).
It is worthy of notice that such measures are well codified in the literature when they are referred to a single part of the BE (e.g., a single building) or to the BE as a whole during specific events, such as organized mass-gatherings, festivals, and so on. In the case of "daily" use of the BE, it cannot be possible to define an overall system for safety and security management. Nevertheless, it is important to evidence how future efforts in defining common action plans between all the BE stakeholders will improve the coordination of counterterrorism measures in this sense. Secondly, the "user's involvement" concerns all the actions aimed at improving the awareness, the preparedness and the correct response of citizens to the risk of possible terrorist attacks, as for other kinds of SUODs [44]. In fact, the promotion of "educative" initiatives (e.g., booklets or guidelines) to common people can improve their awareness and preparedness in case of necessity (before the event) [62]. Some European countries (i.e., Belgium, United Kingdom, Germany) have supported the development of counterterrorism measures for individual devices (mainly smartphone applications). Some of these apps constitute a tool to provide detailed indications of the right behaviours to perform linked to the types of terrorist attack, such as the virtual platform iNFO-R!SQUES.be (available at: https://www.info-risques.be/fr; last access: 30 September 2020). Other apps inform users about ongoing terrorist attacks, integrating the alert message system to the users' location thanks to the Wireless Local Area Network for smartphones, such as the KATWARN mobile application (available at: https://www.katwarn.de/en/system.php; last access: 30 September 2020).

Challenges in a Holistic, Sustainable and Human-Centred Approach to Risk Reduction Strategies' Classification and Evaluation
The brought classifications of existing RMRSs are not enough to determine which RMRSs are more convenient to be applied to a specific case study. Therefore, the main challenges for risk mitigation and management solutions have to be assessed from a sustainable point of view as well. Hence, RMRSs should be oriented towards the following main sustainability criteria here synthesized [8,10,22,24,29,[38][39][40]44,58,63]:

•
Moving towards redundancy criteria of the resilient BE by combing different strategies to ensure that each of them could support the risk-reduction process (according to different operational procedures) in all the phases of the disaster; • Selecting solutions to be effective for more than one terroristic threat/attack typology; • Adopting a human-centred approach to include the behavioural reaction of the exposed individuals (especially in crowds) and of the terrorists, also in respect to the human-BE interactions (i.e., for the promotion of correct emergency behaviours); • Including mass gathering conditions during strategy planning to ensure the safety and security aspects of different BE use situations; • Considering the possibilities of connecting different BEs (at a local scale, e.g., indooroutdoor; at a global/urban scale) to face the disaster; • Promoting a psychological function of the strategies to ensure they are perceived as reliable by the citizen, to deter the terrorists but also to guarantee the liveability of the BE under normal use conditions.
A critical evaluation of such aspects is outlined through Tables 5 and 6, which focus on the general applicability, adaptability and costs approach issues. In particular, redundancy criteria and coordination criteria in Tables 5 and 6 are expressed according to the correlation in Appendix B (Tables A2 and A3, respectively). Furthermore, Tables 7 and 8 deal with human perception and evacuation simulations, according to the human-centred standpoint.   Financing informative campaign can be considered as an investment on citizen safety; costs for users' involvement are also related to evacuation guiding tools for mobile devices (e.g., apps) Table 7. Sustainability of RMRSs by a human-centred approach (Design of the physical elements of the BE; BE layout); N.A. stands for "not assessed".

Interactions with Behavioural Issues
Perceived as Reliable and Slightly Invasive for Citizens

Possibility to Be Represented in Crowd Evacuation Simulators
Design of the physical elements of the BE

Safe perimeter
Barriers should be designed by considering the users' perception and the behaviours in an emergency (e.g., in evacuation), being correlated to emergency layout and plan strategies Barriers offer a reliable perception, while their invasive aspect or not depends on their different typology Emergency layout elements (e.g., gathering areas/evacuation paths) can be additionally protected by such measures The BE geometry and obstacles for attackers can be represented in a virtual environment. Moreover, such data can also influence the pedestrians' evacuation dynamic

Emergency layout
The emergency layout is planned by considering the supposed number of users, their typologies and their behaviours (e.g., by using evacuation simulators) Users should be aware of the safety measures and emergency facilities The emergency layout is strongly recommended, especially in mass gathering events, because of the higher impact of crowd conditions on the emergency (i.e., evacuation) process Input data for the environment definition (e.g., available evacuation paths, safe areas according to the emergency plan) Table 8. Sustainability of RMRSs by a human-centred approach (Access control and surveillance in the BE; Safety and security management if the BE).

Interactions with Behavioural Issues
Perceived as Reliable and Slightly Invasive for Citizens

Access control
Access control is aimed to discourage the attackers Access control could be strongly invasive in relation to employed tools and users' fruition modes (e.g., because of access timing) but perceived as a positive protective measure It is strongly recommended or mandatory in relation to the event entity As an element to control input data related to the simulated pedestrian's presence in the environment

Security service
Employable to discourage attackers and to detect suspected behaviours The solution can be visible or invisible depending on the employed technology generally perceived as positive Video Surveillance could give an important contribution to monitoring the situation in mass gatherings Integration of monitoring tools in the emergency to simulate "intelligent" solutions application (i.e., input data for emergency detection and evacuation management) Solution perceived as positive.
Generally also visible before the emergency.
It is strongly recommended or mandatory in case of mass gatherings Representable as a reduction in victims' amount and as rescuers' motion towards specific areas

Emergency plan
Emergency plans should be developed by considering possible human behaviours and actions (e.g., by using evacuation simulators) It should be known by the users It is strongly recommended or mandatory in relation to the event entity It can constitute the amount of data that can be assessed preventively and considered as an input to the emergency simulation

Users' involvement
Indications issued to users should be related to their spontaneous reactions performed in hazard situations People that know what to do in case of emergency will feel safer Users' proper behaviour could support the evacuation decisions from a bottom-up approach, to support the rescuers and the emergency staff Capabilities of the users to perform right behaviours Some remarks on research objectives, future challenges and design/policy/planning perspectives can be summarized according to this critical overview of RMRSs and their classification.
Firstly, according to this work's aims, the proposed classification critically reviews, for the first time, current consolidated RMRSs, filtering them through the different elements composing the BE and its management. The proposed classification succeeds in evidencing the complex relation system between all the physical and management-related elements composing the BE (outdoor and indoor spaces). This result is achieved by considering solid regulatory frameworks and guidelines. The findings highlight how the BE and its users have to be considered not as the attack's background, but as an integral part of the RMRSs themselves. In fact, safety planners should coordinate (1) the BE layout design, which can support space organization in normal fruition (i.e., standoff distances; area and access control by the stakeholders) and in emergency conditions, with (2) BEoriented interventions to establish safe perimeters and adopt constructive solutions for the protection of buildings' parts, façades, and structures (to limit the terrorist acts' effects).
The organization of RMRSs, depending on the elements composing the BE and its management, can represent a unique and easy-to-use list of solutions for safety planners and decision-makers. Thus, such a list can increase their awareness in respect to the implementation of such solutions in the BE in a sustainable and quick manner, additionally pursuing a high-level of liveability of the BE. Finally, analyses on the combination/coordination of RMRSs to contrast a terrorist act can support safety planners and decision-makers, also in view of the use of behavioural-based simulation tools, as remarked by Tables 7 and 8 [8,13,31,37].
Furthermore, the proposed classification list can be used to collect data from realworld BEs. Such an action will define recurring conditions in RMRSs' implementations depending on the frequency of RMRSs implementation. Widespread data collection in national and international contexts will support the definition of typical BE scenarios depending on the applied RMRSs.
Secondly, the proposed classification and the human-centred principles codified in Tables 7 and 8 support the combination of RMRSs to manage specific emergencies, especially related to actions carried out by the BE users. In fact, they can sustain the organization of future regulatory frameworks which can manage terrorist risks for the BE under different scenarios of use of open spaces and facing buildings. In particular, in the case of open spaces where mass gatherings can occur, the results remark how the access points should be controlled, adopting security services through trained and adequately coordinated personnel.
In this sense, future challenges in RMRSs' definition and assessment will move towards a human-centred perspective, as for other kinds of SUOD such as fires, so as to check how the BE users' control and support can be achieved in all these different scenarios of BE use. Current RMRSs solutions to increase people's safety against terrorist attacks are limitedly based on data nearer to reality [40,44,[64][65][66]. On the contrary, many simulation models were developed in the past, and they also included the effects of the terrorist acts on the BE, but most of them adopted general purpose behaviours (e.g., those related to fire egress) and only a few of them were based on effective evacuation scenarios from terrorist acts [40,[67][68][69][70]. Such modelling issues can beneficially assume microscopic approaches due to the possibility of representing the interactions among attackers, attack actions and occupants over time and space (e.g., by pursuing a social-force based [67,70] or a cellular automata [66,69] approach, also integrating agent-based models [71]). Thus, further efforts to provide reliable databases on terrorist act-related emergencies are urgently needed and they should include the possibility of simulating the effects of the adopted RMRSs [33]. In this way, these studies could fully include a human-centred approach into RMRSs' planning practices to support decision-makers [31,40,66]. The database outcomes could be used for preliminary activities related to the development, evaluation and validation of behavioural emergency evacuation simulators for terrorist attacks in the BE, especially if related to specific case studies. The results of future simulations will allow us to evidence the possible interactions among the effects of the attack (and the attackers, too), the RMRSs adopted, the BE and its modifications, the crowd and the first responders in view of such an emergency [40]. Pedestrians' evacuation flows will be combined with analyses on the evacuation time and the causalities' number to evidence the effects of such interactions and to inquire about the effectiveness of proposed RMRSs, thus improving community resilience aspects in specific scenarios. Simulation tools could also be applied to typical BE scenarios organized depending on the RMRSs analysis in real world contexts. They will define recurring conditions in the emergency phases, depending on the BE features (e.g., morphological-constructive features), the BE use and crowd presence, the type of attack and the implemented RMRSs. These activities will move towards a parametrization of risk levels and evacuation conditions in significant scenarios, thus being a quick support for preliminary effectiveness evaluations from decision-makers.
Thirdly, the RMRSs discussion through sustainability criteria is based on redundancy, adaptability, coordination, and costs, and seems to trace which RMRSs can be more convenient in relation to the obtained effects, as also remarked by Tables 5 and 6. In particular, the combination between safety and security management strategies and access control and surveillance seems to lead towards the highest sustainability levels, thus being a possible focus for effective RMRSs in the future, in each kind of BE. Such an approach will support decision-makers while organizing plans on terrorist act mitigations to be extensively applied in different urban BEs. Nevertheless, one of the greatest challenges for policy planning concerns the overcoming of limitations due to the combination of public-oriented actions and classified risk management strategies. As for other kinds of disasters, such as fires, earthquakes or floods [33,34,36], strategies based on risk awareness and preparedness should be shared with the BE users to increase their safety [32], but they should be arranged in respect to the reliability of security measures. In fact, these security measures widely concern intelligence activities and should be hence protected by public and uncontrolled accesses. The decision-makers can use simulation tools to evaluate the acceptable threshold for such safety-security measures concerning: (1) pre-disaster actions in terms of the spreading of emergency plans, which could also be known by the potential attackers; (2) and the emergency response actions to support the population during the event and the evacuation process. The level of shared information will be managed to limit the possible support to terrorists in collecting sensitive data, but it will demonstrate the level of safety of the BE they would attack, thus also becoming a dissuasive element in terrorism fighting.
Finally, the sustainability and holistic perspective-oriented criteria discussed in Tables 5 and 6 could also be adopted to provide the bases of key performance indicators to assess the RMRSs feasibility and reliability in BE application. According to the Tables 7 and 8 insights, the introduction of typical factors relating to the levels of support to BE users in emergencies and to the mass gathering conditions in the BE will boost this assessment process. From this point of view, the proposed approach also represents the first step towards the organization of holistic BE resilience metrics to also be applied to other disasters affecting the urban BE. However, they will be based on the elements composing the BE and its management, and they will adopt the same sustainability and human-centred key factors. In this sense, a combined analysis of the BE under several threats will be pursued by using common key performance indicators, in accordance with the goals of the wider project this paper is part of [41]. However, the next works should provide quantitative indexes for merging them by considering different priority levels depending on each proposed criterion.

Conclusions
Terrorism acts have become a more frequent menace for society nowadays. Attacks mainly occur in the open spaces of our cities which are habitually frequented by inhabitants. Thus, measures able to face such sudden onset and man-made disasters have to Sustainability 2021, 13, 901 24 of 29 be organized in strict relation with the Built Environment features. This work traces a critical review on existing and consolidated Risk Mitigation and Reduction Strategies (RMRSs) based on the codified regulations that risk-prone countries have adopted in the last few decades.
Classifications of RMRSs are provided according to main literature-based criteria and involve consolidated regularity frameworks. In particular, the analysis provided a distinction between hard and soft BE targets, where active and passive actions can be applied by considering their level of visibility in respect to possible aesthetic and preservation issues of the BE. The identification of the main attack typologies is supported by the RMRSs' effectiveness depending on time and space, since different attacks imply different effects on the exposed individuals and modifications of the BE. A layer-based discussion of RMRSs' implementation in the BE evidences the roles of perimeter elements, open spaces in the BE (and their furniture) and building components/buildings as the inner level of safety.
In view of the above, the collection of the main paradigms regarding physical and management-oriented aspects in the BE can summarize all these issues from a holistic standpoint. It provides the basis for the discussion of consolidated RMRSs based on sustainability and human-centred criteria, which essentially encompass redundancy, adaptability, coordination, costs and BE users' support in emergency conditions. Filtering RMRSs by the elements composing the BE and its management provides the basis for the future organization of these solutions from a parametric standpoint, which depends on the effective scenario where they will be placed. Meanwhile, among the adopted criteria, the human-centred ones highlight how simulation-based approaches could play a pivotal role in assessing the effectiveness of RMRSs, also including emergency management topics, due to the significant impacts of man-man and man-environment interactions in the immediate response phase.
Future works will have to improve the dimension of the sample of the documents concerning the RMRSs by including those from other countries prone to terrorist acts. This action will allow detecting if additional measures can be included in the RMRSs classification, according to local experiences and other codified policies. At the same time, a deeper focus on case studies from real-world BE applications could support the delineation of a general theory for RMRSs' selection and evaluation. The proposed BEoriented classification criteria of RMRSs could be applied to real-world scenarios. These activities could delineate common implementation strategies in real contexts. Furthermore, the response of each deployed RMRS before and during the attack could also be assessed if considering BEs affected by terrorist acts. Thus, stakeholders and researchers could move towards experimental-based analyses on their effectiveness to be compared with feasibility, risk assessment and simulation-based evaluations.

Data Availability Statement:
No new data were created or analyzed in this study. Data sharing is not applicable to this article.

Conflicts of Interest:
The authors declare no conflict of interest.