How to strengthen the perimeter of electric utilities
To ensure the reliability of the North American power grid, the North American Electric Reliability Corporation (NERC) has developed a defense-in-depth systems approach to managing intrusion.
The current challenge
Electric utilities around the world have been experiencing a rise in intrusions. Copper theft, which costs U.S. businesses nearly $1 billion in losses each year, according to the U.S. Department of Energy, is one cause for the rise.
Copper is an incredibly valuable commodity—frequently earning the highest price per pound of all scrap metals—and it is endlessly recyclable. It can be melted down and remade into anything from plumbing materials to fiber optics.
Because it’s so valuable, people are willing to take risks to get it. In 2018, a 41-year old man died during an attempted robbery at a substation in New Brunswick, Canada. In addition to being dangerous, this type of reckless action can also negatively impact surrounding communities. In early 2019, thieves stole copper from a substation just outside of Halifax, Nova Scotia. The theft caused more than 5,000 customers to lose power.
But theft isn’t the only threat to electric utilities. In 2013, gunmen fired on 17 electrical transformers near San Jose California, causing $15 million in damage. While the attack had minimal impact on the station’s power supply, officials had to reroute power from Silicon Valley plants to avoid black-outs. It’s not clear why the attackers chose this power station or what their end goal was, but the incident highlighted just how vulnerable some stations are.
Regulations designed to mitigate risk
North America has had a regulatory body working to protect the power grid since 1968. Today, that body is the North American Electric Reliability Corporation (NERC), a nonprofit organization whose mission is to ensure the reliability of the North American power system.
As part of its mandate, NERC has established a series of standards that are aimed at encouraging steps that utilities can take in order to protect their environments and operations.
NERC’s systems approach to managing intruders
Rather than dictating how each utility must secure its stations, substations, and transfer stations, NERC suggests an approach that allows individual utilities to tailor their solutions to their own specific needs. It’s a defense-in-depth systems approach to managing intrusion that looks at zones of protection over large areas rather than focusing on creating a single, strong line.
This approach leaves utilities to develop their own strategies under NERC’s watchful eye. It’s important to remember that, regardless of the strategies they implement, utilities can always be subjected to NERC audits and face heavy fines for non-compliance. NERC penalties can be up to $1 million per day per violation.
So, what does this systems approach look like? It has 6 steps that utilities can address according to their budgets and needs and includes various technologies that can be employed to discourage, prevent, or respond to unauthorized access. It lets individual utilities establish how best to follow these steps.
Managing intruders in 6 steps
Detect
The first step is to detect possible unauthorized intrusions beyond the perimeter. This can be done with a variety of sensors, including Restricted Security Area (RSA) devices, thermal and video analytics. One of the challenges associated with detection is that it can produce nuisance alarms. Your security platform should have a rules engine to correlate events and reduce nuisance alarms so operators are only notified of genuine threats.
Deter
In this step, the idea is to discourage people who don’t have authorization from accessing the utility. This can include physical deterrents, like lighting, walls, and fences. Or, it could involve surprising or aggressive actions initiated by the security system. For example, once a system detects activity, it can automatically turn on strobe lights or play an MP3 on a networked horn or loudspeaker.
Delay
The goal here is to install security measures that delay physical access. This can include chain link fences that are incredibly time-consuming to cut through. One of the benefits of this step is that it provides security personnel with time to evaluate and prepare to respond to incidents.
Assess
During this step, security operators evaluate the incident to determine what is happening and then identify the actions necessary to respond to the situation. Assessing an incident at a fence or other restricted area is made much easier if security operators have “eyes on the scene.” This can include accessing nearby cameras or, in some cases, dispatching a drone to capture footage in real-time.
Communicate
For this step, utilities have to think about how security operators are going to communicate information and to whom. Command centers need to be able to share information with mobile operators who may also need to share information.
Respond
Security operators need to take the appropriate measures to apprehend an intruder. This last step is made much easier, and frequently unnecessary when the earlier steps have been followed. But, if the situation requires that security operators take action, utilities need to ensure that they have established standard operating procedures that can help guide responses.
Demonstrating compliance
Finally, having established requirements and responses that suit their needs, utilities must be able to demonstrate that events have been managed according to their security plan and that they are in compliance with NERC regulations. At this point, the ability to generate comprehensive reports as well as incident management audits is key. These can show compliance and can be extremely valuable during forensic investigations.