- Featured Guidance
- What is Hostile Vehicle Mitigation?
- Hostile Vehicle Mitigation Measures
- Introduction to Vehicle Borne Threats
- Vehicle Borne Improvised Explosive Device (VBIED)
- Vehicle As a Weapon (VAW)
- Layered Attack Vehicle - Transporting attackers and/or weapons
- Exploits
- Operational Requirements
- Standards, Testing and Products
- Hostile Vehicle Mitigation Project Cycle
- Design
- Build
- Operate
- Public Realm Integration
- Anti-Terrorism Traffic Regulation Order

Hostile Vehicle Mitigation puts a protective barrier around your site protecting you, your people and your infrastructure.
Since 2014 vehicles have been used as weapons in over 140 attacks around the world.
A quarter of these attacks led to deaths. Two thirds led to significant injuries. Public places that are clear of obstacles, with room for a vehicle to accelerate, are prime targets for attackers.
Nine out of ten attack locations did not have significant security barriers in place.
Hostile Vehicle Mitigation comes in many rated forms. It puts a protective barrier around your site protecting you, your people, and your infrastructure from those planning to do harm.
For more information, please visit the NPSA and ProtectUK websites at www.npsa.gov.uk and www.protectuk.police.uk.

The Public Realm Design for HVM video highlights NPSA's guidance on designing public spaces with consideration to HVM.
Since 2014, terrorists have used vehicles in over 140 attacks around the world.
These have led to deaths, significant injury and have caused disruption amongst society
[car windscreen shatters]
[screams from people]
[car skids]
[loud explosion]
When mitigating vehicle threats, every metre counts.
[car ignition]
To better protect your people and assets, you want to keep hostile vehicles away from your site.
To do this you should integrate hostile vehicle mitigation into your planning and site design.
By reconfiguring your site layout and adapting existing features, you can make yourself a more difficult target.
Introducing multi-functional mitigations such as street furniture, planters, trees and water features, can make it more difficult for vehicles to attack your site.
Changing road layout, introducing chicanes and altering your sites typography, can slow vehicles down, remove direct approaches and restricted potential attack routes.
Through introducing a wider site perimeter, you can achieve blast stand-off distance, restrict which vehicles enter your site and increase the deterrence to an attacker.
By blending hostile vehicle mitigation into your new designs or retro fitting an existing space, you can better protect your site and keep people safe.
For more information about integrating hostile vehicle mitigation into the public realm, search ‘Public Realm Design Guide’ or ‘Hostile Vehicle Mitigation’ on the NPSA website.
Featured Guidance


Operational Requirements:
- Hostile Vehicle Mitigation (HVM) Operational Requirements - Level 2
- Procuring the Services of a Specialist Security Consultant
- Vehicle Security Barrier Scoping Document
Standards and Testing:
- NPSA Hostile Vehicle Mitigation (HVM) ISO 22343-1 Guidance Note
- Impact Testing of Vehicle Security Barriers
- Hostile Vehicle Mitigation (HVM) Vehicle Impact Testing and FEA Computational Analysis Guidance Note
- Factors Influencing Concrete Curing During Vehicle Security Barrier Installation
- Testing Soil Conditions for Vehicle Security Barriers Tests - Summary
- Testing Soil Conditions for Vehicle Security Barriers Tests - Full report
Project Cycle:
- Hostile Vehicle Mitigation (HVM) Earthworks and Landscaping
- Due Diligence in the Selection and Procurement of Vehicle Security Barriers
- Guidance Note on Vehicle Security Barrier Foundations
- Active Vehicle Security Barriers - Control Panel Design
- Retractable Vehicle Security Barriers - Maintaining Road Surface Friction
- Considerations for Temporary Vehicle Security Barriers
- Vehicle Security Barriers and Road Safety Barriers
Public Realm:
What is Hostile Vehicle Mitigation?
Hostile Vehicle Mitigation (HVM) is a protective security discipline focussing on reducing risks associated with vehicle borne threats posed by terrorists and criminals. HVM is the delivery of measures that are informed by the threat and how it manifests itself, the multiple consequences of an attack, the vulnerability of a given location and the needs of the enterprise requiring protection. The basis of HVM are security risk assessments, security planning, and design and the deployment of risk-based measures.
Hostile Vehicle Mitigation Measures
HVM measures are the integrated deployment of security processes, procedures and physical obstructions to counter vehicle borne threats. They typically include; deterrent communications, security awareness, incident response planning and training, operational security, traffic management and the deployment of physical obstructions such as vehicle security barriers and traffic calming measures.
Introduction to Vehicle Borne Threats
Vehicle borne threats range from vandalism to sophisticated or aggressive attack by terrorists or determined criminals. Vehicles (such as cars, vans and lorries) are widely available and terrorists have previously gained access to them through a number of means:
- Owned: a vehicle is under the attacker's possession
- Borrowed: a vehicle is lent by an unwitting or complicit associate
- Leased: a vehicle is hired from a company, using real or fake documentation
- Stolen: a stationary, unattended (locked or keys in ignition) vehicle is taken
- Hijacked: an occupied vehicle, parked inside or outside a protected area, is seized.
Terrorists use vehicles in three main ways to enable an attack:
- Vehicle Borne Improvised Explosive Device (VBIED)
- Vehicle As a Weapon (VAW)
- Layered Attack Vehicle - Transporting attackers and/or weapons
During a terrorist attack, the driver is unlikely to comply with the rules of the road. They will:
- Traverse over green spaces such as fields, recreational ground, parks
- Park illegally
- Ignore traffic signals
- Drive at speed
- Drive on the wrong side of the road
- Mount footways
- Enter pedestrianised zones
Vehicle Borne Improvised Explosive Device (VBIED)
An improvised explosive device is either visible or concealed within a vehicle and transported to target.
The effects from a VBIED detonation include the blast, fireball, primary & secondary fragmentation and ground shock.
The blast stand-off (the distance between the device and the asset) is the most important factor in determining the extent of damage that can be caused. Maximising the blast stand-off distance will reduce the damage sustained to the asset.
Vehicle As a Weapon (VAW)
Deliberately driving a vehicle:
- at an individual or into crowds of people to cause harm; or
- deliberately driving a vehicle into infrastructure to damage or disrupt its operation. This may indirectly lead to harm to people or disruption to the operation of a site/event, or more widely, critical services or supplies.
Driving a vehicle into crowds is regarded by terrorists as attractive because it is likely to cause multiple casualties, is low complexity, affordable, requires little planning and skill and is perceived as less likely to be detected in the planning phase.
VAW attacks are frequently the first part of a Layered Attack. The attacks frequently begin on public roads with little or no warning and are often followed by a marauding attack using bladed weapons, firearms or fire as a weapon.
Layered Attack Vehicle - Transporting attackers and/or weapons
A layered attack is a combination of attack types.
The vehicle may:
- facilitate the delivery of armed attackers, either covertly or overtly; or
- be combined with a VBIED or VAW attack
Exploits
There are seven exploits terrorists will use to overcome operational and/or physical security measures:
- Parked: A vehicle may be legitimately or illegally parked close to, or inside the perimeter of, a site or event space. Prior to an attack, a vehicle may be parked repeatedly to create familiarity and may be abandoned for a short or considerable time.
- Encroachment: A vehicle may exploit gaps in perimeter protection; drive slowly through, or over, what is perceived to be a perimeter; or tailgate legitimate vehicle access through a single-layer Vehicle Access Control Point (VACP).
- Penetrative: A vehicle may be used at low or high speed to breach security measures. Lower speed attacks may involve the vehicle being aggressively and repetitively rammed against security measures or other obstructions to gain access.
- Deception: Attackers may forge or steal documentation, lie, or alter the look of their vehicle or themselves to appear legitimate. A ‘Trojan Vehicle’ is a vehicle modified to replicate a legitimate access. An ‘unknowing mule’ is a legitimate driver unknowingly delivers an IEDs, weapons, and/or attackers into a site.
- Duress/Coercion: A legitimate driver, security officer at a Vehicle Access Control Point (VACP), or other person could be forced to facilitate access to a site. They, or others known to them, may be threatened with violence or placed under undue influence through mental pressure (e.g. bribery or blackmail).
- Insider: A person with legitimate access willingly facilitates and attack by operating the security measures locally or remotely, managing or issuing access rights or interfering with the security measures.
- Tamper/Compromise: A cyber or physical attack aiming to alter, weaken, or disable a barrier, while intending to leave no evidence.
Operational Requirements
How do I assess the strengths and vulnerabilities of my site to vehicle-borne threats?
Once the nature of threat is understood, practitioners should take a methodical and considered approach to determine project objectives and highlight security vulnerabilities:
- Develop detailed security requirements for HVM - Operational Requirements (OR)
- User Requirement Document (URD) if not covered in the detailed requirements - addressing additional business needs e.g. stakeholder liaison, planning and design
- Practical site assessment - a detailed review of vulnerabilities and opportunities in the environment, operational and physical security measures.
- Technical assessment - e.g. Vehicle Dynamics Assessment (VDA) at specific locations based on the relevant threat vehicle(s)
- Liaison with technical or security experts - e.g. NPSA or CTSAs, or RSES professionals with relevant experience.
How can I reduce the vulnerability of my site and mitigate vehicle-borne threats?
Based on the project objectives and site assessment, a range of options can be incorporated into the design of a robust HVM strategy:
- Principles of hostile vehicle mitigation - determine the aims of the HVM strategy and how it will integrate with other site security measures.
- Traffic calming - can be used to limit vehicle approach speeds to a manageable level.
- Vehicle Security Barriers (VSB) - provide proven vehicle impact protection and maintain blast stand-off.
- Traffic management - when and how legitimate traffic will access the site.
- Vehicle access control - consider deployment of active VSB solutions, access procedures, long term operational management and emergency access.
Standards, Testing and Products
What vehicle impact test standards should I be using?
NPSA recommend that a barrier deployed for the purposes of countering terrorism to protect assets against vehicle-borne threats should be a 'Rated Vehicle Security Barrier' that has undergone formal vehicle impact testing. The testing should:
- be conducted to a recognised vehicle impact test standard
- be performed at an independent test house
- achieve a performance rating in accordance with the chosen standard
NPSA have also developed an additional standard for testing: Vehicle Attack Delay Standard (VADS). VADS provides a means for testing Vehicle Security Barriers (VSBs) against aggressive and repetitive vehicle impacts- more information can be found on the HVM Standards blog.
Hostile Vehicle Mitigation Project Cycle
Design
A HVM scheme needs to be designed before it is installed. Implementing the Operational Requirements into a scheme design will increase the likelihood of it mitigating the vehicle threat and it being incorporated into the site or event's normal operations.
Understanding the capabilities and limitations of individual products and schemes is vital before they are procured. This includes ensuring they are installed correctly, to maximise the vehicle resistance, and making them intuitive to operate; this will make them safer and more secure.
Build
Once a scheme design has been completed it is important to ensure it is built as per instruction. This will maximise the vehicle resistance. A poor build phase may create vulnerabilities in the scheme that cannot easily be detected afterwards. Due care and attention must be given during installations to ensure products are not installed incorrectly.
Operate
When the scheme is up and running it is important to keep it well maintained. Failure to do so will inevitably lead to products breaking down. This will likely impact the operability of the site or event and may create vulnerabilities that can be exploited by a hostile vehicle or make the product dangerous. Regular servicing will flag issues before they turn into serious problems.
Public Realm Integration
Integration of HVM measures within the public realm is increasingly common and whilst requiring the application of informed design choices meeting the needs of numerous stakeholders, can provide proportionate security measures without impinging on the needs of local businesses or functionality of the public space.
In addition to the publication of a public realm design guide for HVM, NPSA has collaborated with the Department for Transport to produce guidance regarding the incorporation of HVM measures in the public space and specific advice on the use of bollards and their effect on pedestrian movement.
Anti-Terrorism Traffic Regulation Order
An ATTRO provides a statutory basis under the Road Traffic Regulation Act 1984 (RTRA) for regulating traffic and implementing physical security measures to:
- avoid or reduce, or reduce the likelihood of, danger connected with terrorism; and
- prevent or reduce damage connected with terrorism, where terrorism is as defined in the Terrorism Act 2000.
ATTROs may be permanent or temporary and can only be made by a traffic authority on the recommendation of a Chief Officer of Police.
ATTROs can:
- provide for the installation of permanent vehicle control measures;
- provide for the installation of temporary vehicle control measures;
- provide for the installation of permanent vehicle control measures for later use, for example at times of raised threat or for specific events. These measures may include, for example, the installation of rising security bollards around a city centre used only when a secure conference was being hosted, i.e. whilst the bollard installation is permanent, its use is temporary;
- enable the commencement, suspension or resumption of provisions. The provisions also allow for the discretion of a Constable to apply, or not to apply, a provision of an ATTRO;
- prohibit parking on a road, for example near a vulnerable site;
- restrict pedestrian access to premises in roads affected.
In all cases where a recommendation for an ATTRO is to be made, the Chief Officer of Police should seek advice from their Counter Terrorism Security Advisor (CTSA) and major event planner with Hostile Vehicle Mitigation experience.
Early liaison between the police and the traffic authority will help in developing an effective and acceptable proposal that balances the needs of security with the impact on local residents, local businesses and road users.
- CSE: HVM Impact Rated
- CSE: HVM Delay Rated
- PAS 29000:2021 Commercially Operated Vehicles - Framework for Mitigating Security Risks from Malicious Use
- Security On Your Side
- NaCTSO Venues and Public Spaces (VAPS) Guidance
- DfT-TAL 2/13: Bollards and Pedestrian Movement
- DfT TAL 1/11: Vehicle Security Barriers within the Streetscape
- DFT-TAL 1/16: Influence of Bollards on Pedestrian Evacuation