New “Harden, Obscure, Perimeter” framework translates battlefield lessons into low-cost, non-technical defenses for stadiums, bases and public facilities ahead of the 2026 World Cup.

Joint Interagency Task Force 401 (JIATF 401) has published a new guide on protecting critical infrastructure from small unmanned aircraft systems (sUAS), aiming to give installation commanders and local law enforcement a common, low-cost playbook for shaping the physical environment against drone threats. The “JIATF 401 Guide for Physical Protection of Critical Infrastructure” is framed around lessons learned in recent conflicts and is intended for base defenders, local police, security forces and interagency partners responsible for fixed sites where people gather or key systems are exposed. 

The document starts from a simple premise: traditional physical security has been built around controlling access—fences, gates, cameras and checkpoints designed to stop people getting inside a perimeter. Small UAS break that assumption by allowing operators to surveil or threaten facilities from outside the fence line, often from one to three miles away. As a result, JIATF 401 argues that security now has to be “layered, outward-looking, and focused on denying access, visibility and opportunity” well beyond the gate. 

From access control to “Harden, Obscure, Perimeter”

At the core of the guide is the HOP framework—Harden, Obscure, Perimeter—a set of physical protection measures meant to complement, not replace, specialized counter-UAS systems. Rather than treating the drone problem as purely a sensor-and-jammer question, HOP focuses on manipulating terrain, structures and human behavior so that inexpensive commercial drones have fewer clean shots at valuable targets. 

• Harden refers to selective structural measures that disrupt predictable flight paths. Examples include concrete shielding or hardened roofs over critical equipment, overhead netting or tensioned cables above entrances and power yards, closing retractable roofs when feasible, and even lightweight wire or mesh in limited zones to create unexpected obstacles for low-flying quadcopters. 
• Obscure focuses on what drones can see. The guide recommends temporary walls, scrims and tenting around sensitive assets; visual “clutter” to break up clean overhead views; redesigning traffic and queuing patterns to avoid dense, static crowds; and the use of decoys that appear critical but are not, drawing attention away from truly vital systems. Because these measures reduce risk without invoking specialized authorities, JIATF 401 highlights obscuration as a powerful option for civilian partners. 
• Perimeter thinking extends security well beyond the traditional fence. Rather than viewing the property line as the outer limit of responsibility, the guide urges planners to establish layered perimeters that include parking lots, nearby public spaces and elevated terrain; conduct patrols focused on where ground control stations are likely to be; and introduce temporary checkpoints in outer zones during high-risk events. Training officers to recognize operator behaviors—loitering without purpose, frequent upward scanning, visible controllers or antennas, vehicles parked for extended observation—is listed as a key element.

An aerial diagram of SoFi Stadium in the guide illustrates the concept, contrasting a tight inner security zone with a much larger outer area where most commercial drones would actually be flown from. Pushing that effective perimeter outward forces malicious operators to work at longer ranges, which in turn strains battery life, degrades control links and increases the chance they will be detected. 

From forward operating bases to stadium security

In an accompanying statement, JIATF 401 director Army Brig. Gen. Ross links the guidance directly to homeland defense and major events, noting that the same principles apply whether the site is a forward operating base or a stadium hosting the World Cup. The guide has been released in support of the White House FIFA Task Force and is explicitly aimed at venues, transit hubs, ports, power infrastructure and other fixed sites where drone-enabled surveillance or attack could cause mass casualties or cascading disruption.

The first page lays out categories of concern that will be familiar to IUS readers: concentrations of people and public activity; critical systems such as substations, pumps and communications nodes; movement corridors and chokepoints; enduring government institutions like prisons and courthouses; and geographically expansive public goods such as reservoirs and water treatment plants. Each, the authors argue, is now exposed “from above” in ways that legacy access-control models do not fully address. 

Guidance for local authorities and operators

For local officials, the key takeaway is that meaningful risk reduction is possible without waiting for high-end C-UAS deployments. The closing section of the guide stresses four points: drone threats push risk outside facility boundaries; physical measures can significantly reduce that risk; hardening, obscuration and extended perimeters are most effective when layered together; and environmental design choices can deter or disrupt drone operations before technology or force is required. 

JIATF 401 also points readers to external resources such as the Cybersecurity and Infrastructure Security Agency’s “Be Air Aware” materials, and emphasizes that the document is not a universal standard but a starting point for site-specific security assessments. 

The guide is notable because it treats drones not only as systems to be detected and defeated, but as a lens for rethinking how physical infrastructure is built and used. In practice, that means more conversations between UAS operators, C-UAS providers, base defenders and civilian venue managers about how standoff, line-of-sight and human factors combine long before a jammer or interceptor is brought into the mix.