Integrating CARVER Vulnerability Assessment Methodology with BIM for Security-by-Design in Critical Infrastructure Projects

Andrzej Szymon Borkowski; Gabriela Buniewicz

doi:10.20944/preprints202602.0331.v1

Submitted:

04 February 2026

Posted:

04 February 2026

You are already at the latest version

Abstract

This paper presents the concept and implementation of the BIM–CARVER tool, which integrates the CARVER vulnerability assessment methodology (Criticality, Accessibility, Recuperability, Vulnerability, Effect, Recognizability) with an open BIM environment based on the IFC standard. Originally developed by the US military for target analysis, the CARVER methodology has evolved into a defensive tool for protecting critical infrastructure. Traditionally, physical security assessments of buildings are performed manually, separately from the digital model, which contradicts the principles of Security by Design, which assume that security aspects should be taken into account at the early stages of design. As part of research conducted in accordance with the Design Science Research methodology, a plugin for the Bonsai platform (BlenderBIM) was developed, enabling the assignment of vulnerability assessments to individual elements of the IFC model according to six CARVER criteria on a scale of 1-10, visualization of results directly in the modeling environment, and generation of security reports in HTML format. The tool was validated on a set of ten building models of varying purpose and complexity. The results confirmed the effectiveness of the tool in systematically identifying and classifying building elements into four risk categories: critical, important, significant, and insignificant. The developed solution supports designers and security specialists in the proactive identification of threats and enables the comparison of design variants in terms of the aggregated risk level, contributing to the implementation of Security by Design principles in design practice.

Keywords:

BIM (Building Information Modeling)

;

CARVER

;

vulnerability assessment

;

physical security

;

IFC

;

Security by Design

;

critical infrastructure

;

Bonsai

Subject:

Engineering - Architecture, Building and Construction

1. Introduction

1.1. Research Background

The Architecture Engineering Construction Owners Operators (AECOO) sector faces the growing challenge of integrating various aspects of physical security into the building design process [1]. Traditionally, security assessments are carried out as evaluations, usually after the design has been completed, which often results in costly modifications and compromises in architectural design or insufficient protection of critical resources [2]. This reactive approach contradicts the established principle that decisions made early in the design process have the greatest impact on project outcomes while generating the lowest implementation costs [3]. Building Information Modeling (BIM) has revolutionized the AECOO industry by enabling the creation of intelligent, semantically rich digital representations of buildings throughout their lifecycle [4]. BIM supports interdisciplinary collaboration, collision detection, energy analysis, and, increasingly, facility lifecycle management [5]. However, despite its versatile capabilities, the integration of systematic physical security assessment into BIM workflows remains significantly underdeveloped. Current BIM standards, such as the multi-part ISO 19650 standard based on PAS 1192-5, focus primarily on cybersecurity issues related to the protection of digital building data, rather than the physical security of the building itself [6].

Security specialists have developed robust vulnerability assessment methodologies, among which the CARVER matrix (Criticality, Accessibility, Recuperability, Vulnerability, Effect, Recognizability) is one of the best known and most widely used tools [7]. Originally developed by the US military for offensive target analysis, this methodology has evolved into a defensive methodology used to protect critical infrastructure around the world [8]. The CARVER method evaluates assets according to six criteria, namely: Criticality, Accessibility, Recuperability, Vulnerability, Effect, and Recognizability, thereby generating a quantitative score that enables the systematic prioritization of security investments [7]. Despite the maturity and proven effectiveness of both BIM and CARVER when considered separately, there is a significant gap in their integration. Security assessments using CARVER are typically performed manually, in isolation from the digital building model, and conducted late in the project lifecycle when fundamental design changes are prohibitively expensive [9]. This discrepancy represents a missed opportunity to leverage the rich geometric and semantic information contained in BIM models for proactive security planning.

The convergence of several contemporary trends makes this integration particularly timely. First, the ongoing digitization of the built environment through concepts such as Digital Twins creates opportunities for continuous safety monitoring during the operational phase [10]. Second, growing threats to critical infrastructure, from terrorism to internal threats, require a more systematic approach to security-conscious design [11]. Third, the development of open data exchange standards, such as Industry Foundation Classes (IFC), enables the creation of interoperable tools that extend the functionality of BIM platforms [12].

1.2. Security by Design

The concept of Security by Design assumes that aspects of facility protection should be an integral part of the design process from its earliest stages, rather than an addition introduced after the completion of the basic conceptual work [13]. This approach stems from the broader philosophy of Prevention through Design (PtD), which was adapted in the context of occupational health and safety in construction and then extended to issues of physical protection of facilities. The fundamental premise of Security by Design is the recognition that architectural and engineering decisions made at the conceptual stage have a key impact on the level of security of a facility throughout its entire life cycle . The location of entrances, the layout of communication routes, the arrangement of rooms with varying degrees of sensitivity, the choice of facade materials, and the land development plan—all these elements determine the vulnerability of a building to potential threats. Modifying these elements after construction is technically complicated and economically inefficient [14].

The implementation of Security by Design principles requires effective tools for assessing and visualizing security aspects at the design stage. Traditional methods based on two-dimensional documentation and manual reviews are time-consuming and prone to oversights. In this context, BIM offers significant potential, as a three-dimensional building model enriched with non-graphical information and a semantic layer can serve as a platform for automatic security analysis [15]. Previous attempts to integrate Security by Design with BIM have focused mainly on selected aspects, such as evacuation route analysis and fire spread simulations [16]. However, there is a lack of a comprehensive approach that would enable a systematic assessment of the vulnerability of building elements according to a standardized methodology that works best in an interoperable BIM environment.

1.3. Research Gap and Purpose of the Study

A preliminary analysis of the literature reveals a significant research gap in three areas: methodologies for assessing the vulnerability of buildings, BIM, and the Security by Design philosophy. Although each of these areas is well developed individually, there is no integrated approach that would enable automatic assessment of the physical security of buildings using the standardized CARVER methodology directly in the BIM environment. Previous research on security in the context of BIM has focused primarily on selected aspects such as fire safety, evacuation, and cybersecurity of design data. A comprehensive assessment of the vulnerability of building elements to various physical hazards, taking into account criteria such as criticality, accessibility, reproducibility, and recognizability, has not yet been implemented in the form of a tool operating in an open, interoperable BIM environment. Existing solutions are fragmentary and do not provide a systematic approach to prioritizing safety investments at the design stage.

The aim of this work was to develop and validate a tool integrating the CARVER methodology with an open BIM environment based on the IFC standard. The implementation of this objective includes: (i) adapting the CARVER criteria to the specifics of digital building models, (ii) designing and implementing a plugin for the Bonsai (Blender BIM) platform that enables the assignment and visualization of vulnerability assessments for individual model elements, (iii) developing a mechanism for generating security reports, and (iv) validating the tool using a case study. The proposed solution aims to enable designers and security specialists to proactively identify and mitigate threats early in the design process, in accordance with the principles of Security by Design.

2. Literature Review

2.1. CARVER—History, Applications, Limitations

The CARVER methodology is one of the most widely used methodologies for assessing the vulnerability of critical infrastructure in the world [17]. The origins of this methodology date back to World War II, when the Office of Strategic Services (OSS) developed the original version of the system called CARVE as a tool for selecting targets for agents operating in occupied France. This system enabled a relatively uniform and quantifiable assessment of potential targets in terms of their neutralization potential [7]. During the Vietnam War, the United States Army Special Forces adapted and developed the CARVE methodology as a target acquisition system that allowed targets to be ranked according to a specific scale [18]. In 1976, the methodology was expanded to include a sixth dimension, Recognizability, thus creating the acronym CARVER in its current form. The key innovation was the transformation of an offensive tool into a defensive methodology, based on the assumption that knowledge of how to attack targets can be used to protect them [17].

The CARVER methodology is based on the assessment of resources according to six criteria, each of which is given a numerical value on a scale of 1-5 or 1-10 [8,19]. Criticality refers to the importance of a given resource for the functioning of the system and the potential consequences of its destruction. Accessibility determines how easy it is for a potential attacker to reach the target. Recuperability measures the time required to repair, replace, or bypass the damaged component. Vulnerability assesses the effectiveness of security systems in relation to the capabilities of the adversary. Effect refers to the extent of direct losses resulting from an attack. Recognizability determines how easy it is for a potential attacker to identify the target.

Greaver and colleagues [17] proposed expanding the CARVER methodology by integrating it with Saaty's Analytic Hierarchy Process (AHP), creating what is known as CARVER 2.0. This research showed that the introduction of a criterion weighting scheme by decision-makers leads to more reliable results than the traditional approach of assigning equal weight to all criteria. Sensitivity analysis confirmed the robustness of the results obtained using the AHP method, ensuring a consistency ratio (CR) below 0.1.

Despite its widespread use, the CARVER methodology has significant limitations. The main problem is the subjectivity of assessments, leading to significant discrepancies in results between different teams evaluating the same object. Research on risk assessment practices for critical infrastructure protection indicates that contemporary risk assessment models and processes do not sufficiently take into account the specific nature of cross-border critical infrastructure and the impact of decision-making heuristics on the assessment process itself. The CARVER methodology was originally developed as a rapid tool for assessing inherent risk in field conditions and does not provide a comprehensive analysis of all potential threats. Another limitation is the lack of standardization of assessment scales across different sectors, which makes it difficult to compare results. Liu et al. [19] point out that vulnerability assessment requires consideration not only of the physical and symbolic characteristics of the asset, but also of existing security measures, which adds additional complexity to the assessment process. Despite these limitations, the CARVER methodology remains a valuable tool due to its simplicity, repeatability, and the ability to quantify results. Its main advantage is that it allows one to think from the perspective of a potential adversary, which makes it possible to identify the most attractive targets for attack and to target appropriate protective measures accordingly. The integration of CARVER with modern digital technologies, including BIM, opens up new opportunities for the systematic application of this proven methodology in the context of security-conscious design.

2.2. BIM in the Context of Security

BIM, as a platform integrating geometric and semantic information about a building, is finding increasingly wider application in the area of building security management. A systematic review of the literature [20] indicates that the last decade has seen a dynamic increase in the number of scientific publications combining BIM with safety in construction, with the dominant research directions being knowledge-based solutions, automatic compliance checking with safety regulations, and proactive hazard identification models. Previous research on the use of BIM in the context of safety has focused primarily on occupational health and safety during construction projects and on fire safety during the operation of buildings. In the field of fire safety, Sun and Turkan [21] developed a BIM-based simulation platform that integrates the Fire Dynamics Simulator with agent-based modeling to analyze factors affecting evacuation efficiency. This model simulates the spread of fire and the evacuation behavior of building occupants, providing data for optimizing designs in terms of safety. The use of BIM in evacuation planning was developed by Deng and colleagues [22], who proposed a framework using data from the IFC model to automatically construct a geometric network model for emergency navigation. The integration of BIM with computer vision systems enables the positioning of people inside a building and the dynamic adjustment of evacuation routes depending on the development of the fire situation. This approach takes into account the available local evacuation time, which allows for the selection of not only the shortest route, but above all the safest one. Another important area of research is the integration of BIM with the PtD concept, which assumes that safety aspects are taken into account already at the design stage. Labadan and colleagues [23] conducted an analysis of factors influencing the adoption of BIM in the context of PtD, pointing to the potential of this technology in supporting the safety assessment of buildings. At the same time, this research revealed that designers often lack sufficient knowledge of safety, which limits the effectiveness of implementing PtD principles in design practice. In the context of physical protection of facilities against external threats, including acts of terrorism, research on the use of BIM is much less advanced. Existing work focuses mainly on the cybersecurity of BIM models and collaborative platforms themselves, rather than on the physical security of the represented facilities. Das et al. [24] identified seven components of BIM security and defined three levels of data protection in collaborative environments, while pointing out the risk that inappropriate distribution of sensitive information contained in BIM models could potentially lead to threats to the physical security of facilities. This paradox, where technology designed to improve security can simultaneously pose a threat, requires further research into methods of integrating physical vulnerability assessment with BIM workflows.

2.3. Existing Risk Assessment Methods in BIM

In the context of risk management in BIM, previous research has focused mainly on three areas: automatic compliance checking, construction risk assessment, and expert knowledge-based systems. Solihin and Eastman [25] proposed a systematic classification of rules for automatic compliance checking of BIM models, distinguishing five main categories of applications: model correctness verification, building code compliance checking, customer requirements verification, feasibility checking, and automatic safety rule checking with the possibility of software-based corrective actions. This classification also takes into account the complexity of rule processing, from simple checks of individual parameters to advanced analyses requiring spatial and temporal reasoning. The researchers pointed out that the IFC standard provides an adequate basis for automatic compliance checking, but at the same time noted the problem of insufficient detail in typical BIM models. In terms of safety risk assessment at the design stage, Lu et al. [26] developed an integrated construction risk assessment model using three indicators: probability of occurrence, consequences, and exposure. These indicators are calculated based on occupational accident data and project-specific planning information, ensuring objectivity and accuracy of the assessment. The authors developed a plug-in for the Autodesk Revit platform that enables automatic calculation of safety risks, thus supporting architects and designers in quickly selecting design options that optimize construction safety. This approach is in line with the PtD concept, the effective implementation of which requires resolving technical issues related to the integration of risk data with the parametric BIM environment. Research by Drozd and Kowalik [27] also indicates that the awareness of construction managers in the field of occupational health and safety is critical to the effective implementation of risk management systems, which implies the need to take the human factor into account in the design of BIM tools supporting safety assessment.

At the same time, systems based on expert knowledge are being developed, integrating safety rule libraries with BIM platforms. Hossain and colleagues [28] have developed a Design-for-Safety knowledge library for integrated safety risk reviews in the BIM environment. Knowledge about leading safety indicators is extracted from expert opinion, documentation, and best practices, and then relationships are established between these indicators, activities, and their attributes. The developed tool generates a heat map visualizing the impact of safety indicators on a rolling basis and produces a text report, enabling safety managers to make informed decisions about risk reduction. Another direction of research is the integration of BIM with semantic technologies, in particular knowledge graphs. Automatic compliance checking requires the conversion of normative records into a language understandable to a computer, which is achieved through natural language processing techniques and knowledge representation in the form of ontologies [29]. This approach allows for the automatic invocation of specification standards during the BIM model review process, verification of design compliance with requirements, and generation of review reports [30]. However, ensuring the availability and completeness of data in BIM models remains a significant challenge, as current models typically do not contain the level of detail required for automatic regulatory compliance checking. On the other hand, publishing BIM standards can facilitate the implementation of construction projects in BIM, and their compilation allows for the improvement and specification of requirements [31].

Despite significant progress in the area of automatic risk assessment in the BIM environment, existing solutions have significant limitations in the context of assessing vulnerability to physical threats. First, the vast majority of studies focus on occupational safety during construction projects rather than the physical safety of facilities during operation. Secondly, existing systems are based on building regulations and fire safety standards, without taking into account a comprehensive vulnerability assessment according to standardized methodologies used in critical infrastructure protection. Thirdly, there is a lack of tools for systematic building analysis, which is a fundamental assumption of the CARVER methodology. This gap justifies the need to develop a new approach that integrates the proven CARVER vulnerability assessment methodology with the technological capabilities of BIM in an open, interoperable environment.

3. Methodology

3.1. BIM–CARVER (Design Science Research)

This study was conducted in accordance with the Design Science Research methodology, which is a research approach in the field of information systems and software engineering. This methodology focuses on the design, creation, and evaluation of innovative IT applications that solve identified practical problems, while utilizing and creating scientific knowledge. In the context of this work, the application is the BIM–CARVER tool, a plug-in that integrates the CARVER vulnerability assessment methodology with an open BIM environment based on the IFC standard.

The research process was carried out in five iterative phases characteristic of Design Science Research. In the first phase, the research problem was identified and defined, namely the lack of tools enabling the systematic assessment of the vulnerability of building elements to physical hazards directly in the BIM environment. A literature review and consultations with security experts confirmed the significance of this problem and the need for a solution that integrates proven risk assessment methodologies with modern digital technologies, including BIM.

In the second phase, the objectives of the solution were formulated, including the adaptation of CARVER criteria to the specifics of digital building models, the implementation of a mechanism for assigning ratings to IFC model elements, the visualization of assessment results directly in the modeling environment, and the generation of safety reports in a format that allows for further analysis and documentation. These objectives were defined based on the functional requirements identified during a literature review and analysis of existing BIM risk assessment solutions.

The third phase involved product design and development. Bonsai (formerly BlenderBIM), an open-source BIM add-on for the Blender environment that provides full support for the IFC standard and allows for functionality expansion through Python scripts, was selected as the implementation platform. This choice was dictated by the desire to ensure the interoperability of the solution and its availability to a wide range of users without the need to incur licensing costs. The plugin architecture was designed to be modular, with separate components responsible for the user interface, CARVER assessment logic, data management, and report generation.

The fourth phase consisted of calibrating, evaluating, and validating the developed solution. For this purpose, a test model of the building was prepared in IFC format, which was used to calibrate the tool and verify the correct implementation of individual functionalities. This model, shown in Figure 1, contains typical elements of a public building, enabling comprehensive testing of the mechanisms for identifying critical elements, assigning ratings according to CARVER criteria, and visualizing the results. The evaluation included technical verification of the correct operation of the plug-in.

The fifth phase is the communication of research results in accordance with the assumptions of Design Science Research. The developed solution has been documented in a way that allows for its replication and further development by the research community and practitioners. The source code of the plugin has been made available under an open license, which is in line with the open software philosophy characteristic of the Bonsai ecosystem and the IFC standard.

The iterative nature of the Design Science Research methodology was reflected in the development process of the BIM–CARVER tool. Subsequent versions of the prototype were tested and modified based on feedback obtained during the evaluation, which allowed for the gradual improvement of both the functionality and usability of the solution. Particular attention was paid to ensuring the intuitiveness of the user interface so that the tool could be used effectively by designers without specialist knowledge of vulnerability assessment methodologies, while maintaining the methodological rigor required by security experts.

3.2. Conceptual Assumptions

The developed BIM-CARVER tool required the formulation of a number of conceptual assumptions determining the manner of adapting the CARVER methodology to the BIM environment and the functional scope of the implemented solution. These assumptions were developed based on an analysis of the original CARVER methodology, the specificity of IFC models, and the practical requirements related to the safety assessment of buildings at the design stage. The fundamental conceptual assumption is to treat a building element as the basic unit of assessment. In contrast to the traditional application of the CARVER methodology, where entire facilities or critical infrastructure systems are assessed, in the proposed approach, the assessment is carried out at the level of individual elements of the IFC model, such as walls, doors, windows, installations, or technical devices. This approach allows for the precise identification of the most vulnerable components of a building and the targeting of mitigation measures at specific design elements. The granularity of the assessment can be adjusted to the needs of the analysis, from individual elements to aggregations at the level of rooms, zones, or floors.

The second key assumption is to preserve the original structure of the six CARVER criteria while adapting their interpretation to the construction context. Criticality refers to the importance of a given element for the functioning of the building and the performance of its basic functions. Accessibility determines the ease with which a potential intruder can physically reach an element, taking into account its location in the building, access control systems, and architectural barriers. Replaceability measures the time and cost required to repair or replace an element in the event of damage or destruction. Vulnerability assesses the effectiveness of existing or planned security measures in relation to potential methods of attack. Impact refers to the extent of the consequences of a successful attack on a given element, including the effects on building users and the continuity of its operation. Recognizability determines the ease with which an element can be identified as a potential target by a person unfamiliar with the layout of the building.

The third assumption is the adoption of a ten-point rating scale for each criterion, where one represents the lowest level of risk and ten represents the highest. The choice of this scale ensures sufficient precision in the assessment, allowing subtle differences between elements with similar levels of vulnerability to be captured. The ten-point scale is commonly used in professional applications of the CARVER methodology and allows for a more nuanced analysis than the five-point scale, while remaining intuitive for the assessor. The final score for each element is the sum of the scores for all six criteria, resulting in a range from six to sixty points.

The fourth conceptual assumption is the possibility of weighting criteria depending on the specifics of the assessed object and the context of threats. By default, all criteria are treated equally, but the user can assign different weights to individual criteria to reflect the security priorities for a given type of object. For example, for public buildings with high traffic, the effect criterion may be of particular importance, while for facilities storing valuable resources, accessibility and recognizability may be a priority.

The fifth assumption is the integration of the CARVER assessment with the semantics of the IFC model. The tool uses information contained in the model, such as the classification of elements, their spatial location, relationships with other elements, and assigned properties, to support the assessment process. BIM models provide a wide range of analytical capabilities that go beyond traditional design coordination applications and include, among others, performance, energy, and spatial analyses [32]. The quality and completeness of the input data is crucial for the reliability of the analysis, which is particularly important in the case of inventory models created on the basis of geodetic measurements, where parameters such as point cloud density and geometric accuracy determine the ability to reproduce architectural details [33]. In a semantically correct BIM model, it is possible to automatically suggest values for certain criteria based on the characteristics of the element, although the final decision always remains with the evaluator. In addition, the evaluation results are saved as non-standard sets of IFC element properties, which ensures data durability and the possibility of exchanging them between different applications that support the IFC standard.

The sixth assumption is the visualization of assessment results directly in BIM. Building elements are colored according to their assigned risk level, allowing for intuitive identification of areas requiring special attention. A color scale from green through yellow and orange to red has been adopted, with warm colors indicating a higher level of risk. This visualization supports communication between designers and safety specialists and facilitates decision-making regarding design modifications.

The seventh assumption is to generate security reports in a format that allows for further analysis and documentation. The reports contain a summary of all assessed elements, along with the values of individual criteria, the aggregate result, and the assigned risk category. The HTML format was chosen for its versatility, the ability to view it without specialized software, and its ease of conversion to other document formats. The reports can be attached to the design documentation or used as a basis for further comparative analysis of design variants.

3.3. Plugin Components

The architecture of the BIM–CARVER tool has been designed in a modular way, with four main functional components: the user interface module, the CARVER assessment module, the visualization module, and the reporting module. This structure ensures code transparency, facilitates the expansion and modification of individual elements, and allows for independent testing of each component. The user interface module is the presentation layer of the tool and has been implemented as a side panel in the Blender environment, accessible from the BIM tools tab. The interface, shown in Figure 2, has been designed for intuitive use and to minimize the number of steps required to perform an assessment. The main panel contains a section for selecting elements for assessment, allowing the selection of individual objects, groups of elements by IFC type, or entire building zones. Below is the CARVER assessment form section. Part of the panel contains action buttons for saving the assessment, clearing the form, launching the visualization, and generating a report.

The BIM–CARVER assessment module is responsible for the business logic of the tool and the management of assessment data. This component performs several key functions. First, it validates the entered data by checking the correctness of the assessment values and the completeness of the required information. Second, it calculates the aggregate score as the sum of the scores for six criteria, with the option of taking into account the weights assigned to individual criteria. Third, it classifies elements into one of four risk categories based on the aggregate score: critical elements, important elements, significant elements, and elements that are insignificant from a safety perspective. The classification thresholds are set based on the distribution of possible scores and can be adjusted by the user in the tool settings. Fourth, the module manages data persistence by saving assessment results as custom property sets assigned to IFC elements. For this purpose, the Property Sets mechanism of the IFC standard was used to create a dedicated set of properties called Pset_CARVER_Assessment containing fields for each criterion, aggregate result, risk category, and assessment metadata such as the date of assessment and assessor ID.

The visualization module is responsible for the graphical representation of assessment results directly in the three-dimensional building model. This component operates on the materials and colors of objects in the Blender environment, assigning colors to elements corresponding to their risk category. An intuitive color scale modeled on traffic lights has been used: green for non-critical elements, yellow for critical elements, orange for important elements, and red for critical elements. The module also allows switching between BIM–CARVER visualization mode and the original model appearance, enabling quick comparison of the analytical view with the design view. In addition, a function has been implemented to filter the displayed elements by risk category, allowing isolation and detailed analysis of only the elements with the highest level of vulnerability. The visualization is automatically updated after each modification of the assessment, providing ongoing feedback to the user.

The reporting module generates documentation of the assessment results in HTML format. The report contains several information sections. The report header presents basic information about the assessed project and the date of the assessment. The summary section presents summary statistics, including the number of assessed elements, the distribution of elements by risk category, and the average aggregate score. The main part of the report is a table containing a list of all assessed elements along with their IFC identifiers, element type, CARVER criteria values, aggregate score, and assigned risk category. The table can be sorted by any column, which makes it easy to identify the elements with the highest values for each criterion. The final section of the report contains a legend explaining the rating scale used and definitions of risk categories. The generated report is saved in a location specified by the user and can be opened directly in a web browser or imported into a text editor for further editing and formatting.

Communication between components is achieved through a common data model stored in Blender environment structures and in an IFC file. The user interface module transmits input data to the assessment module, which updates the properties of IFC elements after processing. The visualization module reads data directly from the properties of elements, responding to changes through an event observer mechanism. The reporting module retrieves data from the IFC model at the time of report generation, ensuring consistency between the report content and the current assessment status. This architecture ensures loose coupling between components and allows them to be modified independently without affecting other elements of the system.

4. Results and Case Study

4.1. Identification of Critical Elements

The calibration of the developed BIM–CARVER tool was carried out on a test model of a public building in IFC format, which was prepared specifically for the purposes of this case study. The model represents a three-story office building with a usable area of approximately two thousand square meters, containing rooms and technical installations typical for this type of facility. The choice of an office building as the subject of analysis was dictated by the prevalence of this type of facility in the building stock and the representativeness of the elements found in them for a broader category of public buildings.

The process of identifying critical elements began with a systematic review of all components of the IFC model using the filtering functions available in the BIM-CARVER tool. First, elements belonging to the category of potentially important from the point of view of physical security were identified, including building entrances, technical infrastructure elements, special-purpose rooms, and vertical and horizontal communication systems. A total of 123 elements requiring detailed assessment according to the CARVER methodology were identified, representing approximately 15% of all elements contained in the model.

Among the identified critical elements, particular attention was paid to the main entrance to the building with its glass entrance doors and the adjacent reception area, which constitute a natural access control point and, at the same time, a potential target for attack due to their high accessibility and recognizability. The server room located on the ground floor of the building, the main electrical switchboard, and the heat distribution unit were also identified as elements of increased importance, as damage to them could result in the interruption of the entire facility's operations. The category of important elements includes staircases, which are the only vertical escape routes, the elevator shaft with the machine room, and technical rooms containing ventilation units.

An analysis of the spatial distribution of the identified critical elements showed that they are concentrated on the ground floor and in the technical areas of the building. This distribution is typical for office buildings, where most of the critical infrastructure is located on the ground floor for functional and economic reasons. At the same time, this location increases the accessibility of these elements to potential intruders, which is reflected in the higher accessibility criteria values in the CARVER assessment. The visualization of the identification results, shown in Figure 3, shows the spatial distribution of elements according to assigned risk categories, where red indicates critical elements with the highest aggregate assessment score, orange indicates important elements, yellow indicates significant elements, and green for elements considered insignificant from the point of view of security analysis.

The identification process allowed for the creation of a hierarchy of building elements in terms of their importance for the physical security of the facility. Elements classified as critical, accounting for approximately eight percent of all assessed components, require priority consideration in the planning of protective measures. Important elements, accounting for seventeen percent, should be covered by standard security procedures. The remaining elements, although included in the analysis, do not require special security measures beyond typical design solutions. This stratification allows for the rational targeting of limited security resources to areas of highest risk, which is consistent with the fundamental assumptions of the CARVER methodology and the principles of effective infrastructure security management.

4.2. CARVER Assessment for Each Element

After the identification of critical elements was completed, a detailed assessment of each of the identified components was carried out according to the six criteria of the CARVER methodology. The assessment was performed using the developed BIM-CARVER tool, which enabled the systematic assignment of numerical values on a scale from one to ten for each criterion and the automatic calculation of the aggregate result. The assessment process covered 123 elements identified in the previous stage of the analysis and was carried out by a two-person team consisting of a designer with experience in working with BIM models and a physical security specialist.

A key feature of the BIM–CARVER tool is the automatic generation of a security report in HTML format, an excerpt of which is shown in Figure 4. The report consists of several sections providing a comprehensive overview of the analysis. The document header contains basic information about the assessed project, the date of the assessment, and the identifier of the assessment team. The summary section presents aggregate statistics covering the total number of assessed elements, the percentage distribution of elements by risk category, and the average aggregate score for the entire model.

The main part of the report is a table containing a list of all assessed elements along with their IFC identifiers, element type according to the standard classification, values of individual CARVER criteria marked as C, A, R, V, E, and R, the aggregate score being the sum of these values, and the assigned risk category. The table can be sorted by any column, which facilitates the identification of elements with the highest values for individual parameters and supports the decision-making process regarding the allocation of funds for security measures. Color coding of rows corresponding to risk categories ensures intuitive navigation and quick identification of items requiring priority attention.

The final section of the report contains a legend explaining the rating scale used, definitions of individual CARVER criteria, and thresholds for classification into risk categories. The generated report is saved in a location specified by the user and can be opened directly in a web browser or imported into a text editor for further editing and formatting. The HTML format ensures universal access without the need to install specialized software and allows for easy conversion to other document formats. The report constitutes documentation of the analysis performed, which can be attached to the project documentation as part of the justification for the physical security solutions adopted for the facility.

4.3. Tool Validation

The final step after calibration and evaluation was the validation of the BIM–CARVER tool, which was performed on a set of ten selected building models saved in the IFC standard, representing different types of facilities and levels of geometric and semantic complexity. The selection of test models was dictated by the desire to verify the universality of the tool in the context of different building purposes, which is why the tests covered single-family, multi-family, and commercial buildings. Examples of building models are shown in Figure 5. The collection included models with a wide range of usable floor space, which made it possible to assess the scalability of the tool in relation to projects of different sizes. Furthermore, the models used were developed at different levels of detail, which also allowed the tool to be considered from the perspective of different stages of the design phase (from concept to design during the investment). The use of different types of buildings in the tests made it possible to assess the usefulness of the model in the analysis of buildings in terms of the role of individual elements in the structure of the entire building and the needs related to their possible protection.

The validation process was carried out by checking the correctness of the tool's operation along with the consistency of the results obtained after automatic evaluation and visual coloring of the elements. Correctness was verified by checking the stability of the plugin's operation when assigning ratings to model elements and by checking the export of generated reports. The consistency of the results was assessed by verifying the similar repeatability of the classification of a given type of element into a risk category, which was possible thanks to the assessment of multiple models.

The validation demonstrated the effectiveness of the tool in the automatic identification and assessment of building element risks from a physical safety perspective. The tool classified all indicated elements subject to safety assessment, regardless of their geometric complexity and the number of objects contained in all analyzed IFC models. A summary of the validation results is presented in Table 1, which contains the characteristics of individual test models along with the obtained average risk ratings, divided into four risk categories. The average aggregate risk score for the entire validation set was 26.5 points, with values for individual models ranging from 21.8 to 33.8 points. An analysis of the distribution of elements by category showed that 0% of the assessed elements were classified as critical, and on average 16.5% as important, 67% as significant, and 16.5% as insignificant in considering the physical security of buildings.

Analysis of the validation results revealed certain regularities in the distribution of CARVER ratings. In general, based on the aggregate score, the building models were mostly classified into the risk category of important elements (e.g., doors, windows, curtain walls) or significant elements (e.g., load-bearing walls and partition walls, ceilings). Each of the ten models was assigned a rating in these categories. The same average rating as the important elements category (16.5%) was given to the insignificant category, where only half of the models received a low risk rating, which was assigned to the building components. In addition, the number of all model components had a significant impact on the results obtained, which significantly affected the aggregate risk value. A correlation can be identified where the greater the number of elements, the greater the likelihood of elements from the insignificant risk category being identified in the assessment. Therefore, the function of the building and, consequently, the design and construction solutions used (e.g., the use of numerous muntins, which were assigned to the insignificant risk category during the validation process) may also have a strong impact, potentially underestimating the result. However, no critical elements were identified, which could have been due to the types of products used from individual manufacturers, and this in turn could also have significantly underestimated the average value of the aggregate risk.

In the case of an actual assessment of a building in accordance with the Security by Design principles, it would be crucial for the user to take into account other necessary components and determinants affecting the final assessment of the physical security of the building. Risk assessment factors may additionally include the importance of the analyzed facility and the potential consequences of its compromise, which could significantly affect the final CARVER criteria values. Furthermore, the fundamental assumptions of the concept based on the early stage of the project would have a positive impact on supporting decision-making processes and selecting optimal design solutions, including the aspect of security planning.

4.4. Selected Comparison of Design Variants in Terms of Aggregate Risk

An important aspect of using the BIM-CARVER tool is the ability to analyze the impact of selected design variants on the aggregate level of physical security risk of a facility. This allows users to make informed decisions about the selection of building materials and components based on measurable security assessment criteria. To this end, a comparative analysis of three window joinery variants for a selected single-family building model was carried out, assessing the impact of the use of windows with different parameters on the aggregate risk score of the entire facility.

A building model (No. 3) containing seven window components arranged on one floor was selected as the reference object. Three variants of window joinery were defined, differing in terms of manufacturer and, consequently, geometric data and technical specifications. The selected variants had different dimensions and, consequently, different total areas. In addition, they also differed in terms of finishing material. In this case, the plug-in was used as a tool for variant creation and simulation of the potential impact of a given design choice on the overall safety assessment of the building, together with an assessment of the individual components of the assessment. The resulting comparison of variants is presented in Table 2.

A detailed analysis of individual CARVER criteria allowed for the identification of factors determining the variation in ratings between variants. The criticality criterion (C), referring to the importance of the element for the functioning of the building, was assigned a value of 4 for variants A and C and a value of 7 for variant B, which suggests that the use of solution B is associated with a higher perceived importance of the window element for the performance of the basic functions of the building. The accessibility criterion (A), determining the ease of physical access to the element by a potential intruder, showed a similar distribution of values, with variants A and C receiving a score of 7, while variant B had an increased value of 9, indicating greater exposure of this solution to potential attempts at unauthorized access. The vulnerability criterion (V), assessing the effectiveness of security measures in relation to potential attack methods, remained at a similar level for variants A, B, and C (8 and 9), which may reflect the lower resistance of these solutions to specific threat scenarios. The recognizability criterion (R), which determines the ease with which an element can be identified as a potential target by a person unfamiliar with the layout of the building, was 7 for variants A and C and 8 for variant B, suggesting a slightly higher visual exposure of the latter solution. It should be noted that two of the six criteria analyzed remained unchanged for all design variants considered. The reproducibility criterion (R), measuring the time and costs necessary to repair or replace an element, was given a fixed value of 6 regardless of the solution used, indicating a comparable amount of resources required to restore the functionality of a window in the event of damage. Similarly, the effect criterion (E), referring to the extent of the consequences of a successful attack, remained at 4 for all variants, suggesting a similar range of potential security breach consequences regardless of the design solution chosen.

An important aspect of the developed tool was the ability to visually assess the building model directly in the Blender environment. The color scheme of the elements, which varied depending on the assigned risk category, allowed for immediate identification of areas requiring special attention. In addition, the "Selected Element" panel provided an interactive preview of the detailed assessment for the selected component, presenting the values of individual CARVER criteria and the aggregated result together with the risk level classification, as shown in Figure 6.

The comparative analysis of design variants determined the potential of the developed tool in supporting the allocation of resources at the design stage. The CARVER assessment results can be used as a basis for prioritizing activities and capital expenditures, directing designers' attention to elements classified as critical or important, which require the use of solutions with increased safety parameters. At the same time, potential directions for further development of the tool should be indicated, including, among others, taking into account the storeys of a building as an additional factor influencing the risk assessment. For example, the height of an element in relation to ground level may determine the ease of physical access.

The developed tool was designed as a decision support system, therefore the final risk assessment should always be made by the user who has contextual knowledge beyond the data contained in the IFC model. For this purpose, the "Selected Element" panel allows not only for previewing, but also for manual correction of the values of individual CARVER indicators, allowing for the adjustment and modification of the generated assessments to specific design conditions, local safety requirements, or the individual expertise of the analyst. This approach combines the advantages of a systematic assessment tool with the flexibility of expert assessment, ensuring a balance between the objectivity of the methodology and the need to take into account factors that are difficult to quantify.

5. Discussion and Conclusions

The research confirmed the possibility of effective integration of the CARVER vulnerability assessment methodology with an open BIM environment based on the IFC standard. The developed BIM–CARVER tool responds to the identified research gap concerning the lack of solutions enabling systematic assessment of the physical security of buildings directly in the building information modeling environment. Validation carried out on a set of ten test models demonstrated the stability of the plugin and the consistency of the results obtained in classifying elements into specific risk categories, confirming the technical feasibility of the proposed approach.

The results obtained correspond to previous research on the use of BIM in the context of safety. While previous work has focused mainly on fire safety [16,21,22] and occupational safety during construction [23,26], this study extends the scope of BIM applications to include a comprehensive assessment of vulnerability to physical threats using the standardized CARVER methodology used in critical infrastructure protection. This approach is in line with the proposals formulated by researchers involved in the integration of Security by Design principles into the building design process [13,14], allowing security aspects to be taken into account at the early stages of the project life cycle, when the costs of making changes are lowest [3].

An important achievement is the adaptation of CARVER criteria to the specifics of digital building models. Unlike the traditional application of the methodology, where entire objects or systems are assessed [7,8], in the proposed approach, the assessment is carried out at the level of individual elements of the IFC model. Such granularity allows for the precise identification of the most vulnerable components of a building and the targeting of mitigation measures at specific design elements. At the same time, the original structure of the six CARVER criteria has been retained, ensuring consistency with established critical infrastructure vulnerability assessment practices and enabling comparability of results with assessments carried out using traditional methods.

The choice of the Bonsai platform as the implementation environment proved to be the right one for several reasons. First, the open-source nature of this tool ensures the availability of the solution to a wide range of users without the need to incur licensing costs, which is particularly important in the context of promoting Security by Design principles in design practice. Secondly, full support for the IFC standard guarantees interoperability with other BIM applications, enabling the exchange of models with assigned safety assessments between different participants in the design process. Thirdly, the ability to extend functionality through Python scripts allowed for the implementation of all planned components of the tool in a modular and easily expandable manner.

A comparative analysis of design variants demonstrated the practical usefulness of the tool in the decision-making process regarding the selection of building materials and components. The ability to simulate the impact of different design solutions on the aggregate risk level supports informed decisions by designers and investors, enabling the optimization of the design in terms of physical safety while taking into account budgetary and functional constraints. The visualization of results directly in a three-dimensional building model facilitates communication between designers and security specialists, who traditionally operate in different languages and tools.

Despite the results achieved, the research has certain limitations that need to be taken into account when interpreting the results. First, the validation was carried out on building models with a relatively simple functional structure, which may limit the generalizability of the conclusions to highly complex facilities such as hospitals, data centers, or critical infrastructure facilities. Secondly, the CARVER criteria assessment was carried out by a limited research team, which did not allow for full verification of the repeatability of results between independent assessment groups. The subjectivity of assessments is an inherent limitation of the CARVER methodology [17,19], which has not been fully overcome by the developed tool. Thirdly, the automatic suggestion of criterion values based on IFC element characteristics requires further refinement, as the current implementation is based on simplified rules that may not take into account all relevant factors affecting the vulnerability of an element.

The prospects for further development of the BIM–CARVER tool include several research and implementation directions. The first is the expansion of the automatic suggestion mechanism through the use of machine learning techniques trained on data sets from actual security assessments carried out by experts. The second direction is integration with external sources of threat data, such as security incident databases or crime risk maps, which would allow for contextualization of the assessment in relation to the location of the building. The third direction is to extend the functionality with a mitigation measures recommendation module, which would suggest specific design solutions to reduce the level of risk based on identified vulnerabilities. The fourth direction is to develop a mechanism for weighting criteria using the AHP method in accordance with the CARVER 2.0 approach [17], which would allow the assessment to be adapted to specific security priorities for different types of facilities.

In summary, this work contributes to the state of knowledge in the field of integrating security assessment methodologies with BIM technology. The developed BIM–CARVER tool fills an identified research gap by offering a practical solution for the systematic assessment of building elements' vulnerability to physical threats directly in the modeling environment. The approach based on the open IFC standard and the open-source Bonsai platform ensures the interoperability and accessibility of the solution, promoting the dissemination of Security by Design principles in the AECOO industry. The validation results confirm the technical feasibility and practical usefulness of the tool, providing a basis for further research on the automation of security assessment in the building life cycle and integration with the concept of digital twins, enabling continuous monitoring of risk levels during the operation phase of a facility.

Author Contributions

Conceptualization, A.S.B.; methodology, A.S.B.; validation, G.B.; formal analysis, A.S.B.; resources, A.S.B. and G.B.; data curation, A.S.B. and G.B.; writing—original draft preparation, A.S.B. and G.B.; writing—review and editing, A.S.B. and G.B.; visualization, A.S.B. and G.B.; supervision, A.S.B.; funding acquisition, A.S.B. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

Open research data is available in the Warsaw University of Technology Knowledge Base: https://repo.pw.edu.pl/info/researchdata/WUT8f6d173ddd364ded9ceb38ce12b2901b?r=researchdata&ps=20&tab=&title=Dane%2Bbadawcze%2B%25E2%2580%2593%2BDane%2Bbadawcze%2B%25E2%2580%2593%2BPolitechnika%2BWarszawska&lang=pl.

Acknowledgments

The authors would like to thank the reviewers for their feedback, insightful comments, and assistance in improving the article.

Conflicts of Interest

The authors declare no conflicts of interest.

References

Fennelly, L.J. Effective Physical Security, 5th ed.; Butterworth-Heinemann: Oxford, UK, 2017. [Google Scholar]
Garcia, M.L. The Design and Evaluation of Physical Protection Systems, 2nd ed.; Butterworth-Heinemann: Burlington, MA, USA, 2008. [Google Scholar]
MacLeamy, P. Collaboration, Integrated Information and the Project Lifecycle in Building Design, Construction and Operation. The Construction Users Roundtable (CURT), 2004; pp. WP–1202. [Google Scholar]
Borkowski, A.S.; Drozd, W.; Zima, K. The Status of the Implementation of the Building Information Modeling Mandate in Poland: A Literature Review. ISPRS Int. J. Geo-Inf. 2024, 13, 343. [Google Scholar] [CrossRef]
Borkowski, A.S. Digital Twin Conceptual Framework for the Operation and Maintenance Phase in the Building’s Lifecycle. Arch. Civ. Eng. 2024, 70, 139–152. [Google Scholar] [CrossRef]
BSI. PAS 1192-5:2015 Specification for Security-Minded Building Information Modeling, Digital Built Environments and Smart Asset Management. British Standards Institution: London, UK, 2015.
Bencie, L.; Labaj, L. The CARVER Target Analysis and Vulnerability Assessment Methodology; Security Management International: Washington, DC, USA, 2018. [Google Scholar]
U.S. Army. FM 34-36 Special Operations Forces Intelligence and Electronic Warfare Operations; Department of the Army: Washington, DC, USA, 1991. [Google Scholar]
Pärn, E.A.; Edwards, D.J.; Sing, M.C.P. The building information modeling trajectory in facilities management: A review. Autom. Constr. 2017, 75, 45–55. [Google Scholar] [CrossRef]
Boje, C.; Guerriero, A.; Kubicki, S.; Rezgui, Y. Towards a semantic Construction Digital Twin: Directions for future research. Autom. Constr. 2020, 114, 103179. [Google Scholar] [CrossRef]
CISA. Infrastructure Security Division Strategic Plan 2019–2022; Cybersecurity and Infrastructure Security Agency: Washington, DC, USA, 2019. [Google Scholar]
buildingSMART International. Industry Foundation Classes (IFC) Specification. Available online: https://www.buildingsmart.org/standards/bsi-standards/industry-foundation-classes/ (accessed on 15 December 2024).
Nadel, B.A. Building Security: Handbook for Architectural Planning and Design; McGraw-Hill: New York, NY, USA, 2004. [Google Scholar]
Del-Real, C.; De Busser, E.; van den Berg, B. Shielding software systems: A comparison of security by design and privacy by design based on a systematic literature review. Comput. Law Secur. Rev. 2023, 49, 105933. [Google Scholar] [CrossRef]
Borkowski, A.S.; Maroń, M. Semantic Enrichment of Non-Graphical Data of a BIM Model of a Public Building from the Perspective of the Facility Manager. Big Data Cogn. Comput. 2024, 8, 138. [Google Scholar] [CrossRef]
Cheng, M.Y.; Chiu, K.C.; Hsieh, Y.M.; Yang, I.T.; Chou, J.S. BIM integrated smart monitoring technique for building fire prevention and disaster relief. Autom. Constr. 2017, 84, 14–30. [Google Scholar] [CrossRef]
Greaver, B.S.; Raabe, L.; Fox, W.P.; Burks, R.E. CARVER 2.0: Integrating the Analytical Hierarchy Process's multi-attribute decision-making weighting scheme for a center of gravity vulnerability analysis for US Special Operations Forces. J. Def. Model. Simul. 2018, 15, 111–120. [Google Scholar] [CrossRef]
Couretas, J.M. Cyber Offense and Targeting. In An Introduction to Cyber Analysis and Targeting; Springer: Cham, Switzerland, 2022; pp. 145–178. [Google Scholar]
Liu, C.; Tay, S.K. The Security Risk Assessment Methodology. Procedia Eng. 2012, 43, 600–609. [Google Scholar] [CrossRef]
Sidani, A.; Martins, J.; Soeiro, A. BIM Best Practices for Construction Health and Safety: A Systematic Review. Available at SSRN. 2023, 4595455. [Google Scholar]
Sun, Q.; Turkan, Y. A BIM-based simulation framework for fire safety management and investigation of the critical factors affecting human evacuation performance. Adv. Eng. Inform. 2020, 44, 101093. [Google Scholar] [CrossRef]
Deng, H.; Ou, Z.; Zhang, G.; Deng, Y.; Tian, M. BIM and Computer Vision-Based Framework for Fire Emergency Evacuation Considering Local Safety Performance. Sensors 2021, 21, 3851. [Google Scholar] [CrossRef]
Labadan, R.; Panuwatwanich, K.; Takahashi, S. Building Information Modeling for Prevention through Design: An Exploratory Structural Model of Factors Influencing Its Adoption. J. Constr. Dev. Ctries. 2025, 30, 221–246. [Google Scholar] [CrossRef]
Das, M.; Tao, X.; Cheng, J.C.P. BIM security: A critical review and recommendations using encryption strategy and blockchain. Autom. Constr. 2021, 126, 103682. [Google Scholar] [CrossRef]
Solihin, W.; Eastman, C. Classification of Rules for Automated BIM Rule Checking Development. Autom. Constr. 2015, 53, 69–82. [Google Scholar] [CrossRef]
Lu, Y.; Gong, P.; Tang, Y.; Sun, S.; Li, Q. BIM-Integrated Construction Safety Risk Assessment at the Design Stage of Building Projects. Autom. Constr. 2021, 124, 103553. [Google Scholar] [CrossRef]
Drozd, W.; Kowalik, M. A Study on the State of Knowledge of Managers of Construction Sites in the Field of Occupational Safety. MATEC Web Conf. 2019, 262, 07001. [Google Scholar] [CrossRef]
Hossain, M.A.; Abbott, E.L.S.; Chua, D.K.H.; Nguyen, T.Q.; Goh, Y.M. Design-for-Safety Knowledge Library for BIM-Integrated Safety Risk Reviews. Autom. Constr. 2018, 94, 290–302. [Google Scholar] [CrossRef]
Peng, J.; Liu, X. Automated Code Compliance Checking Research Based on BIM and Knowledge Graph. Sci. Rep. 2023, 13, 7065. [Google Scholar] [CrossRef]
Kładź, M.; Borkowski, A.S. IDS Standard and bSDD Service as Tools for Automating Information Exchange and Verification in Projects Implemented in the BIM Methodology. Buildings 2025, 15, 378. [Google Scholar] [CrossRef]
Zima, K.; Mitera-Kiełbasa, E. Employer's Information Requirements: A Case Study Implementation of BIM on the Example of Selected Construction Projects in Poland. Appl. Sci. 2021, 11, 10587. [Google Scholar] [CrossRef]
Siewczyński, B.; Szot, J. Analytical aspects of BIM technology in the architectural education process. A case study from the Poznań University of Technology. Scientific Journal of the Poznań University of Technology. Architecture, Urban Planning, Interior Design (in Polish). 2023, 14, 119–129. [Google Scholar]
Warchoł, A. The Concept of LiDAR Data Quality Assessment in the Context of BIM Modeling. Int. Arch. Photogramm. Remote Sens. Spat. Inf. Sci. 2019, XLII-1/W2, 61–66. [Google Scholar] [CrossRef]

Figure 1. IFC model used to calibrate the BIM–CARVER tool for Bonsai. Source: own elaboration.

Figure 2. Access to the tool and BIM–CARVER interface in Bonsai (BlenderBIM). Source: own elaboration.

Figure 3. Identified critical (red), important (orange), significant (yellow), and insignificant (green) elements. Source: own elaboration.

Figure 4. HTML report generated from the CARVER tool. Source: own elaboration.

Figure 5. Model of a multi-family building used for the validation process (a), model of a single-family building used for the validation process (b). Source: own elaboration.

Figure 6. Color differentiation of building elements by risk category and the Selected Element panel with a detailed assessment of CARVER criteria – variant B. Source: own elaboration.

Table 1. Summary of the results of the validation of the BIM–CARVER tool on a set of ten test building models. Source: own elaboration.

No.	Building Type	Total Assessed	Average Score [6-60]	High [%]	Medium [%]	Low [%]
1.	Single-family	104	29.7	17.3	82.7	0
2.	Multi-family	249	33.8	55.2	47.8	0
3.	Multi-family	236	24.8	16.5	67.4	16.1
4.	Multi-family	425	23.9	10.1	51.8	38.1
5	Commercial	6020	23.5	6.0	58.7	35.4
6.	Single-family	116	29.4	23.3	76.7	0
7.	Single-family	65	29.1	23.1	76.9	0
8.	Single-family	123	27.1	12.2	87.8	0
9.	Single-family	392	22.1	1.5	88.0	10.5
10.	Commercial	5547	21.1	2.8	31.9	65.2
Mean [%]	—	1327.7	26.5	16.5	67	16.5

Table 2. Comparison of CARVER assessments for window joinery variants in the building model. Source: own elaboration.

Element	Variant	C	A	R	V	E	R	Score [6-60]
Window 1	A	4	7	6	8	4	7	36
	B	7	9	6	8	4	8	42
	C	4	7	6	9	4	7	37

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Copyright: This open access article is published under a Creative Commons CC BY 4.0 license, which permit the free download, distribution, and reuse, provided that the author and preprint are cited in any reuse.