PANOPTICON // METRICS // PAN-MET-009
ALL SYSTEMS NOMINAL ·
METRIC · COMPLIANCE & SAFETY

BSL-4 Two-Person Integrity (2PI)

Containment discipline on the most dangerous assets. Anything below perfect is a reportable security incident.

Compliance & SafetyUnit: %Per access
Metric ID PAN-MET-009 Abbreviation 2PI Category Compliance & Safety Unit % Frequency Per access Source Facilities · BSL-4 Classification INTERNAL // QUANTUM-ZONE-TASK-FORCE EYES-ONLY

Formula

Share of BCL-4 vault accesses completing the logged two-person protocol without exception.

Thresholds & Bands

BandRangeState
Intact100ok
Lapse99-100warn
Breach< 99crit

Why This Metric Matters

Two-Person Integrity is the foundational security control for the Directorate's most dangerous biological and chemical assets stored in BCL-4 vaults. The two-person protocol ensures that no single individual can access, remove, or tamper with vault contents without a corroborating witness, providing both deterrence against insider threats and an auditable chain of custody for every access event. Any lapse in 2PI is treated as a reportable security incident because even a single unwitnessed access creates an unresolvable ambiguity about vault-content integrity that could compromise containment assurance across the entire BCL-4 program.

Threshold Justification

The 100% intact threshold is non-negotiable by design — the two-person protocol admits no acceptable failure rate for BCL-4 material access. The 99-100% lapse band exists solely to distinguish isolated procedural errors, such as a witness badge-scan failing to register due to equipment malfunction, from systemic breakdowns. Any reading below 99% is classified as a breach because it indicates either deliberate protocol circumvention or a facility-systems failure severe enough to compromise the access-control infrastructure itself.

Historical Context

2PI was established as a mandatory protocol at BCL-4 facility commissioning in Q1 2024 and achieved 100% compliance within the first reporting period. Two lapse-band incidents have been recorded since inception: one in Q4 2024 caused by a biometric-reader malfunction that failed to log the second accessor, and one in Q2 2025 attributed to an emergency-protocol override during a facility containment alarm. Both incidents triggered full security reviews and were resolved without evidence of unauthorized material access or diversion.

Collection Method

2PI is recorded on a per-access basis by the BCL-4 facility security system, which requires dual biometric authentication — badge scan plus retinal verification — from two separately credentialed personnel before vault access is granted. Every access event is logged in real time to a tamper-evident audit chain within the Synaptic Data Fabric. PANACEA continuously monitors the access log for any event lacking a complete dual-authentication record and generates an immediate alert to the Facilities Security division and the Office of the Director upon detection of any exception.

Known Failure Modes

Biometric-reader hardware failures can produce false lapse signals when the second accessor's credentials are not recorded despite physical presence — these events require manual verification through facility surveillance footage to resolve. The protocol does not prevent collusion between two authorized personnel, meaning a pair of compromised insiders could execute an unauthorized removal while maintaining a technically compliant 2PI record. Additionally, emergency-protocol overrides that bypass the dual-authentication requirement during facility alarms create legitimate unwitnessed access windows that are reconciled only after the emergency is resolved.

Related Metrics

← Back to Metrics