Protecting Utilities

Theft and vandalism make enticing targets for criminals

Federal, state and local agencies prioritize robust physical security plans for the nation’s electric power utilities. And they should. Any disruption in service from a primary provider could impact millions of people and businesses over a wide swath of the country.

THEFT AND VANDALISM

Utilities provide ample targets for vandalism theft and vandalism. The nation’s complex electric grid system includes more than 7,300 power plants, 160,000 miles of high-voltage power lines and millions of miles of low-voltage lines, along with substations and transformers. The remote sites of many utility facilities make them more susceptible to attack with less risk of detection. The need for more utility infrastructure can only grow as demands for electricity steadily climb.

It is not an overstatement to say our modern economy and lifestyles are dependent upon the reliable sources of power these utilities provide. Lately, there’s been a big emphasis on cybersecurity – protecting critical computer controls and communications systems from foreign and domestic hackers. However, successful physical attacks also highlight the need to deploy some of the security industry’s most sophisticated tools to deter criminals, from vandals to terrorists.

The non-profit North American Electric Reliability Corporation (NERC) sets standards, including security, for power system operation, monitoring and compliance. NERC’s critical infrastructure protection standards call for an initial risk assessment of a utility’s facilities to identify potential security threats and weaknesses. After the evaluation, NERC’s standards call for utilities to develop and implement a physical security plan for all transmission stations, substations and primary control centers.

The best place to deter and detect intruders is along a property’s perimeter, before reaching their targets. Here’s a look at some of the security technology being used to protect utility perimeters.

Microwave sensors generate an electromagnetic field between a transmitter and receiver to create an invisible barrier that, when broken, causes an alarm. Sensors may be installed on fences to detect cutting or climbing, while dual buried cables make a hidden zone that alarms when crossed. Graphic maps display the location of breaches. Integrating detection zones with the site’s video surveillance systems enables guards to make a visual assessment before determining what, if any, response is required.

PROTECTING THE PERIMETER

Other utilities now use military-grade distributed acoustic sensors to protect perimeters. Humans, animals, vehicles and other objects and activities generate distinct acoustic characteristics. Acoustic technology turns standard communications cabling, such as fiber optic, buried or mounted along a fence line or wall, to detect intruders. Sensors record and map all sounds within an environment. Once trained to “normal” sounds, the system recognizes new sound types and triggers an alarm. Artificial intelligence-based software distinguishes the differences in sounds and filters out extraneous environmental noise to reduce false alarms.

Thermal cameras detect the heat energy given off by humans to identify intruders in daylight or bad weather such as rain, snow and fog. On-board image processors provide a more accurate analysis of objects to help prevent nuisance alarms. Some thermal cameras may detect intruders at distances greater than 1,000 feet, meaning fewer cameras are required to monitor large outdoor areas.

Terrorists use drones to carry explosives or devices intended to disrupt a utility’s operation. That’s why leading utilities deploy anti-drone technologies. These expensive, multi-sensor systems may include audio, visual and thermal detection, along with radar and other technologies capable of pinpointing the pilot’s location, determining the drone’s direction and providing data on the device type and its IP address.

Federal laws prohibit most individuals and businesses from shooting down drones or jamming the signal between the device and its pilot. However, a few sites, such as military facilities and utilities, are exempt from these regulations. Signal jamming is preferred as downing a drone may result in the device injuring people on the ground. Jamming communication forces a drone to either land or initiate a “return to home” flight.

PATROLLING THE PERIMETER

Autonomous drones also routinely patrol perimeters. They typically have 30-minute flight times and automatically return to the base for recharging. The quality of drone cameras has dramatically increased over the past decade, enabling them to collect millions of pixels of high-resolution data, which is ideal for identifying people and license plates. In most cases, drone patrols augment, rather than replace human guards.

Gunshot detection technology (GDT) is also gaining popularity. Acoustic sensors placed throughout a site triangulate the sound of gunfire to pinpoint the shooter’s location within seconds. GDT may be used to help protect employees as well as utility equipment. On at least four occasions within the past decade, vandals used high-powered rifles to shoot at remote transformers, causing millions of dollars in losses and a blackout in one case.

Line disruption detection systems using acoustic technologies to detect and locate problems along transmission lines. Knowing the precise site of a problem is vital as lines may often run hundreds of miles from power plants to cities. Quickly locating and remedying a problem may save blackouts and situations such as faulty infrastructure enabling cables to sag and potentially ignite wildfires. Systems also create alerts when attempted cable thefts are detected.

Progressive utilities embrace the move to replace door hardware and intelligent controllers using the Open Supervised Device Protocol (OSDP), now recognized as the international standard for secure access control installations. OSDP enables the use of highly secure card technologies with AES-128-bit signal encryption protocol. Hackers easily intercept signals between proximity cards and readers to clone working credentials.

Every utility requires a single or regional command center enabling guards to monitor many disparate systems from a secured location.

Innovative integrators are now embedding staff within a utility’s security personnel. There’s no wait for service when a device fails – a technician is already on the job. Over time, the embedded staff learns the specific needs of a utility and can often spot and remedy problems before an emergency occurs. The embedded staff arrangement often works better than a traditional service level agreement between a utility and its integrator. SLAs typically allow the integrator several hours to respond to emergencies. And there may be debates about what constitutes an emergency.

As part of their daily jobs, embedded technicians may handle tasks such as printing badges for new employees, visitors and vendors. They may program and name the hundreds or thousands of cameras in use while ensuring backups and maintenance with the latest software updates.

AN INTEGRATOR’S PERSPECTIVE

Speaking from an integrator’s perspective, one of the biggest challenges in securing a utility is timing and regulations. A utility security staff moves quickly once it has an approved initiative. And they may have massive lists, such as a request to install microwave sensors at 200 remote sites within a month. With most other customers, the integrator would enlist and manage subcontractors to get the job done. But that’s often impossible as firms working at a regulated utility must be certified. This points out the need to carefully plan for security upgrades.

Of course, any utility installations include cameras, access control, intrusion, visitor management and other security systems found at most enterprise organizations. However, unlike some larger organizations, utilities have no room for downtime. Innovative security systems and services are necessary to protect electric utilities that provide an invaluable energy source to American homes and businesses.

This article originally appeared in the November / December 2020 issue of Security Today.

Featured

  • 91 Percent of Security Leaders Believe AI Set to Outpace Security Teams

    Bugcrowd recently released its “Inside the Mind of a CISO” report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO. Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers’ long-term privacy or security to save money. Read Now

  • Milestone Announces Merger With Arcules

    Global video technology company Milestone Systems is pleased to announce that effective July 1, 2024, it will merge with the cloud-based video surveillance solutions provider, Arcules. Read Now

  • Organizations Struggle with Outdated Security Approaches, While Online Threats Increase

    Cloudflare Inc, recently published its State of Application Security 2024 Report. Findings from this year's report reveal that security teams are struggling to keep pace with the risks posed by organizations’ dependency on modern applications—the technology that underpins all of today’s most used sites. The report underscores that the volume of threats stemming from issues in the software supply chain, increasing number of distributed denial of service (DDoS) attacks and malicious bots, often exceed the resources of dedicated application security teams. Read Now

  • Cloud Resources Have Become Biggest Targets for Cyberattacks According to New Research

    Thales recently announced the release of the 2024 Thales Cloud Security Study, its annual assessment on the latest cloud security threats, trends and emerging risks based on a survey of nearly 3000 IT and security professionals across 18 countries in 37 industries. As the use of the cloud continues to be strategically vital to many organizations, cloud resources have become the biggest targets for cyber-attacks, with SaaS applications (31%), Cloud Storage (30%) and Cloud Management Infrastructure (26%) cited as the leading categories of attack. As a result, protecting cloud environments has risen as the top security priority ahead of all other security disciplines. Read Now

Featured Cybersecurity

Webinars

Whitepapers

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3