At the core of every community lies the responsibility of electric utilities: to provide a safe, reliable, and secure power supply. Industry collaboration is fostered by utilities sharing best practices related to critical, long lead equipment, aiming to enhance overall performance and reliability. The evaluation of security measures involves a dual focus, incorporating functional assessments to mitigate vulnerabilities and maintaining compliance with regulatory requirements. This intricate approach guarantees the continuity of dependable service while safeguarding against potential risks.
Over the last decade, heightened attention and substantial investments have been directed toward enhancing physical security, prompted by unfolding events. The 2013 Metcalf event, which involved a sniper attack on a substation, resulted in a significant change in physical security practices. These concerning events and tensions worldwide require a continuous commitment to security assessments and improvements. The need to understand a utility's vulnerabilities and how an adversary may exploit those vulnerabilities has never been greater.
Historically, the physical security of utilities resembled that of a shopping center, where utility substation cameras were monitored by minimally trained personnel. Even for the most critical high voltage substations, now classified as NERC CIP-014 substations, security relied on staff using limited cameras viewed on small monitors. Security measures we consider essential today, such as video analytics, response training, and enhanced security policies, were non-existent.
Following the Metcalf event, there has been a significant transformation in physical security and monitoring. Utilities have made substantial improvements and have transitioned to a comprehensive set of tools to mitigate security risks and vulnerabilities on the power grid. State-of-the-art security control centers with highly trained staff now monitor hundreds of hardened high-voltage substations. Close monitoring involves utilizing high-tech cameras, prioritized alarms, and large video walls with multiple monitors, all routinely tested on simulated site and substation attacks.
Nonetheless, the advancement in utility physical security practices has yet to be consistent across the industry. Varying degrees of maturity, diversity of critical customers, and different funding processes contribute to inconsistencies. Utility physical security is a dynamic process, and prioritizing security requirements requires a well-thought-out approach. Critical assessments, impact analysis, and resource constraints guide utilities in allocating limited funds to prioritize this crucial aspect of their operations.
Substation security best practices include:
- Security Control Center 24/7 monitoring substation cameras and alarms at a centralized location: Facilitates quick response by local law enforcement and utility personnel.
- Infra-red cameras with video analytics, inside substations and outward facing: While properly placed cameras throughout the facilities are good, accurately identifying a real threat across hundreds of camera streams is not humanly possible. Relying on proven video analytics helps remove the human error element and allows only true alarms to reach the Security Control Center personnel, increasing efficacy and reducing complacency.
- Motion sensors with enhanced substation lighting: Provide improved security.
- Volumetric detection: Outward facing from utility assets, allowing detection well past the property boundary.
- Gunshot detection and alarms: Instant, reliable detection with automated notification to security personnel is crucial for a timely response. Properly utilizing technology to detect gunshots removes human interpretation from the process.
- Drone fencing detection and alarm: With today's legal challenges regarding drone engagement, properly detecting drones and pilots is the first step in being prepared.
- Vegetation clearing based on security assessments: Allowing clear lines of sight to detect potential threats early.
- Installing outer perimeter vehicle gates: Provide a defense in layers concept to minimize the potential for unwanted vehicles gaining immediate entry into the substation.
- Installing fencing designed to deter climbing or digging, with minimal visibility: This strategy extends the time required to access the asset, providing an increased window for response once a threat has been accurately detected.
- Control house ballistic protection: Safeguarding system protection and the personnel associated with proper response is integral to maintaining mission-critical operations during an event.
- Strengthening security measures for substation communications circuits: Underground substation communication circuits should be buried to an appropriate depth, encased in steel or concrete conduit, and properly marked with locating tape above the conduits. Ideally, utilities would employ wired and wireless alarm circuits that operate in unison to provide redundancy.
- Safeguarding long lead equipment: Implementation of protection measures, including walls for transformers.
- Collaborative industry-sharing groups focused on long lead equipment: Similar to storm damage and outage support, utilities have mutual aid groups that facilitate the transfer of available critical assets during emergencies. Either through cooperative purchases or commitments to assisting peers through formal agreements, supply and procurement mutual aid can expedite the reenergization of assets should a security breach occur.
- Security assessments by professionals experienced in other critical industry security practices: Red team exercises identify vulnerabilities in the security systems and processes that may not be evident. Utilities should consider changing their red team vendors occasionally so unexposed or new vulnerabilities are identified and remedied by vendors unfamiliar with the utility's response protocols.
- Independent security assessments: Crucial for pinpointing security vulnerabilities. It is recommended that a different consultant be used each year.
- Promoting employee education and awareness: Encourage employees to report damages to fences, missing locks, unusual activity, etc. They become a critical line of defense.
Utility best practices should be adopted rather than doing the minimum to achieve compliance with regulatory requirements. In some cases, utilities and their security consultants use security practices from other critical industries. This different and broader perspective is needed for continued improvement.
While these security measures yield significant benefits, it's generally agreed that no single measure alone can guarantee the prevention of a successful attack. A layered approach to a utility's security plan is imperative for proper detection and response. The best designs are those where any individual substation can be de-energized with no bulk transmission or customer impact. Networked designs with high-speed system protection maintain reliability regardless of the impact of physical attacks.
While future security threats remain uncertain, maintaining electric infrastructure security will persist as a top priority. The resilience of operations relies on a combination of factors, including system design, criticality assessments, investment prioritization, adopting new technology, industry collaboration, and incorporating security best practices. Sustaining an elevated level of vigilance will be an ongoing requirement for both security design and operations in the electric utility sector.
Dwayne Basler, PE, is Vice President, Utility Market Segment Leader at CHA Consulting, Inc. With a career spanning over 30 years in the utility industry, he brings extensive expertise in enhancing the reliability of electric transmission systems. Basler's experience includes control center operations, NERC compliance, design oversight, program and project management, infrastructure planning and development, and strategic planning.
Toby Heath, CPP, PSP, LEED Green Associate, is Life Safety and Security Manager at CHA Consulting, Inc. He oversees CHA's life safety and security team, performing vulnerability/risk assessments and security system design and consulting, including access control, video surveillance, intrusion detection, and mass notification. Heath's experience ranges from his real-world missions with the U.S. Army to designing all levels of security systems as a security engineer for more than 20 years.