Protecting The Nation's Power

Target practice can take down the electrical grid

• By Clint Hilbert
• Jun 01, 2015

It was a late night shooting spree in early Spring of 2013, when an apparent lone rifleman situated in a thicket on a hillside in San Jose, Calif., attacked a large electrical power transmission substation by aiming and shooting at critical components as if playing an arcade game. April 2015 marks the twoyear anniversary of this shooting event. What’s disappointing is that the ensuing investigation has produced no arrests and little progress has been reported on identifying a suspect.

The targeted facility is located south of San Jose and can be viewed from a major highway that passes next to it. The apparent attacker fired about 100 bullets in less than 20 minutes into the transformers, and the substation’s ability to maintain current began failing quickly—all within 14 minutes. Not realizing what was happening at this particular substation and in order to avert a major blackout, energy grid officials began rerouting power from nearby substations around the Silicon Valley. Approximately 17 of the substation’s transformers were severely damaged, resulting in millions of dollars of repair costs and a solid month of down-time for the substation.

Under most circumstances, an attack of this magnitude would have made top headlines in national news, but it happened on April 16, immediately following another very serious but unrelated event: the Boston Marathon bombings of April 15. Thus, with the nation’s attention focused on Boston, the substation shooting received mostly local news coverage. The seriousness of this attack wasn’t highlighted until the Wall Street Journal published an article about it on Feb. 5, 2014. While the utility industry was already well underway with changes addressing the newly realized vulnerability, the federal government began pushing for more meaningful protection requirements.

The operator of the attacked substation reacted by committing funds for an extensive security upgrade investment of more than $100 million spanning over three years to fortify and better secure its major substations across its Northern California service region. Many other major utilities took note and also began investing likewise in substation security upgrades. In the months that followed, the North American Electric Reliability Corporation prompted by the Federal Energy Regulatory Commission approved a more stringent set of security standards under the National Infrastructure Protection Plan, more specifically within the Energy Subsector and established the Critical Infrastructure Protection Reliability Standard 014 (better known as CIP-014). Today, CIP-014 is well into its 6th revision and major utilities are entrenched in compliance measures heavily focused on physical security improvements.

Interestingly, the Wall Street Journal article stated, “The attack was ‘the most significant incident of domestic terrorism involving the grid that has ever occurred’ in the United States, said Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission at the time,” and “He [Wellinghoff] said he was going public about the incident out of concern that national security is at risk and critical electricgrid sites aren’t adequately protected.”

There has been much speculation as to whether the attack is a precursor to an even larger series of attacks and whether it was planned and executed by a yet-to-be identified terrorist group. Either way, it is apparent that our nation’s bulk power supply is at risk due to its current vulnerable state. Let’s face it, most industrial systems are not designed for operation in areas of conflict and will take years to adequately harden. However, by practicing and implementing an elevated level of safety and security that considers an all-hazards approach using basic concepts such as Crime Prevention through Environmental Design (CPTED), much of our national infrastructure would be less vulnerable to attack.

Severe damage and physical destruction is always a showstopper for any operation. Using a total solution provider that can logically integrate physical defense systems with perimeter intrusion detection systems is a solid path to successfully protecting a facility. More importantly, managing the fifth zone (areas outside of the protected facility) is the key to achieving advanced warnings.

Just like military operations, you want to see the enemy before he sees you and that can’t be done if security systems are focused on just the immediate perimeter. As perimeters go, stronger is better. By using “high-delay time” fencing products (entry is made no sooner than 4 minutes using conventional means), vehicle barriers, retractable bollards, crash-rated gates and sally ports, video surveillance, intrusion detection systems and advanced motion analytics around the entire perimeter, facilities can become adequately secure and protected from most crime. The weak side of a perimeter is the choice side for any criminal.

It helps to select a single provider to design and install an integrated package and to commission the systems based upon an operation’s unique set of performance objectives. These objectives should benefit the end users and support their desired response protocols during events. The alarm notifications should provide clear and concise instructions for each type of event and the associated intrusion systems should be redundant and well maintained, allowing for multiple confirmations that help reduce and eliminate false and nuisance alarms.

Because of its relatively low cost, chain link fencing dominates the perimeter security market as the most popular solution, especially in the United States. However, standard chain link products are more suited for safety purposes than security defense. It has been proven that without significant modifications, standard chain link products can be easily breached in a matter of seconds by pulling up on the mesh and passing beneath it or by snipping and unwinding one of the coils and passing through the impending opening. The ease in which this is accomplished diminishes the legitimacy of low-cost chain link fencing for consideration as a secure perimeter defense solution.

Since, it is apparent most high-security facilities require some sort of physical perimeter barrier system to control the access or lengthen the delay time required for forced entry, many organizations have moved away from chain link products and are now using combinations of welded wire, expanded metal and louvered panels, all offering much longer delay times and requiring significantly more sophisticated means of forced entry.

As perimeter protection solutions became more advanced and made with stronger steel and thicker gauges, the support posts and structural foundations also need to be sturdier and better engineered to support the additional weight and wind loads. Planning a facility’s perimeter security requires time, effort, and adequate funding. Security professionals should always assess a provider’s products, scope capability, financial health, references, and quality systems. Wire mesh products should be tested for tensile strengths whether used in chain link or woven meshes, along with strength tests of the welds used in welded wire mesh panels.

High-security fencing systems are just one of many necessary components for perimeter protection. While demonstrating a return on your security investment can be challenging to prove, we must weigh the possible outcomes of adverse events against the cost of maintaining our livelihood.

This article originally appeared in the June 2015 issue of Security Today.