Theft and vandalism make enticing targets for criminals
- By John Nemerofsky
- Dec 03, 2020
Federal, state and local agencies prioritize robust physical
security plans for the nation’s electric power utilities.
And they should. Any disruption in service from
a primary provider could impact millions of people
and businesses over a wide swath of the country.
THEFT AND VANDALISM
Utilities provide ample targets for vandalism theft and
vandalism. The nation’s complex electric grid system includes
more than 7,300 power plants, 160,000 miles of high-voltage
power lines and millions of miles of low-voltage lines, along with
substations and transformers. The remote sites of many utility
facilities make them more susceptible to attack with less risk of
detection. The need for more utility infrastructure can only grow
as demands for electricity steadily climb.
It is not an overstatement to say our modern economy and
lifestyles are dependent upon the reliable sources of power
these utilities provide. Lately, there’s been a big emphasis on
cybersecurity – protecting critical computer controls and
communications systems from foreign and domestic hackers.
However, successful physical attacks also highlight the need to
deploy some of the security industry’s most sophisticated tools to
deter criminals, from vandals to terrorists.
The non-profit North American Electric Reliability
Corporation (NERC) sets standards, including security, for power
system operation, monitoring and compliance. NERC’s critical
infrastructure protection standards call for an initial risk assessment
of a utility’s facilities to identify potential security threats and
weaknesses. After the evaluation, NERC’s standards call for
utilities to develop and implement a physical security plan for all
transmission stations, substations and primary control centers.
The best place to deter and detect intruders is along a
property’s perimeter, before reaching their targets. Here’s a look
at some of the security technology being used to protect utility
Microwave sensors generate an electromagnetic field between
a transmitter and receiver to create an invisible barrier that, when
broken, causes an alarm. Sensors may be installed on fences
to detect cutting or climbing, while dual buried cables make a
hidden zone that alarms when crossed. Graphic maps display
the location of breaches. Integrating detection zones with the
site’s video surveillance systems enables guards to make a visual
assessment before determining what, if any, response is required.
PROTECTING THE PERIMETER
Other utilities now use military-grade distributed acoustic
sensors to protect perimeters. Humans, animals, vehicles and other
objects and activities generate distinct acoustic characteristics.
Acoustic technology turns standard communications cabling, such
as fiber optic, buried or mounted along a fence line or wall, to detect
intruders. Sensors record and map all sounds within an environment.
Once trained to “normal” sounds, the system recognizes new sound
types and triggers an alarm. Artificial intelligence-based software
distinguishes the differences in sounds and filters out extraneous
environmental noise to reduce false alarms.
Thermal cameras detect the heat energy given off by humans to
identify intruders in daylight or bad weather such as rain, snow and
fog. On-board image processors provide a more accurate analysis
of objects to help prevent nuisance alarms. Some thermal cameras
may detect intruders at distances greater than 1,000 feet, meaning
fewer cameras are required to monitor large outdoor areas.
Terrorists use drones to carry explosives or devices intended
to disrupt a utility’s operation. That’s why leading utilities deploy
anti-drone technologies. These expensive, multi-sensor systems
may include audio, visual and thermal detection, along with
radar and other technologies capable of pinpointing the pilot’s
location, determining the drone’s direction and providing data on
the device type and its IP address.
Federal laws prohibit most individuals and businesses from
shooting down drones or jamming the signal between the device
and its pilot. However, a few sites, such as military facilities and
utilities, are exempt from these regulations. Signal jamming is
preferred as downing a drone may result in the device injuring
people on the ground. Jamming communication forces a drone to
either land or initiate a “return to home” flight.
PATROLLING THE PERIMETER
Autonomous drones also routinely patrol perimeters. They
typically have 30-minute flight times and automatically return
to the base for recharging. The quality of drone cameras has
dramatically increased over the past decade, enabling them to
collect millions of pixels of high-resolution data, which is ideal
for identifying people and license plates. In most cases, drone
patrols augment, rather than replace human guards.
Gunshot detection technology (GDT) is also gaining popularity.
Acoustic sensors placed throughout a site triangulate the sound of
gunfire to pinpoint the shooter’s location within seconds. GDT may be used to help protect employees as well as utility equipment. On
at least four occasions within the past decade, vandals used high-powered
rifles to shoot at remote transformers, causing millions of
dollars in losses and a blackout in one case.
Line disruption detection systems using acoustic technologies
to detect and locate problems along transmission lines. Knowing
the precise site of a problem is vital as lines may often run
hundreds of miles from power plants to cities. Quickly locating
and remedying a problem may save blackouts and situations such
as faulty infrastructure enabling cables to sag and potentially
ignite wildfires. Systems also create alerts when attempted cable
thefts are detected.
Progressive utilities embrace the move to replace door
hardware and intelligent controllers using the Open Supervised
Device Protocol (OSDP), now recognized as the international
standard for secure access control installations. OSDP enables the
use of highly secure card technologies with AES-128-bit signal
encryption protocol. Hackers easily intercept signals between
proximity cards and readers to clone working credentials.
Every utility requires a single or regional command center
enabling guards to monitor many disparate systems from a
Innovative integrators are now embedding staff within a utility’s
security personnel. There’s no wait for service when a device fails –
a technician is already on the job. Over time, the embedded
staff learns the specific needs of a utility and can often spot and
remedy problems before an emergency occurs. The embedded staff
arrangement often works better than a traditional service level
agreement between a utility and its integrator. SLAs typically allow
the integrator several hours to respond to emergencies. And there
may be debates about what constitutes an emergency.
As part of their daily jobs, embedded technicians may handle
tasks such as printing badges for new employees, visitors and
vendors. They may program and name the hundreds or thousands
of cameras in use while ensuring backups and maintenance with
the latest software updates.
AN INTEGRATOR’S PERSPECTIVE
Speaking from an integrator’s perspective, one of the biggest
challenges in securing a utility is timing and regulations. A utility
security staff moves quickly once it has an approved initiative.
And they may have massive lists, such as a request to install
microwave sensors at 200 remote sites within a month. With
most other customers, the integrator would enlist and manage
subcontractors to get the job done. But that’s often impossible as
firms working at a regulated utility must be certified. This points
out the need to carefully plan for security upgrades.
Of course, any utility installations include cameras, access
control, intrusion, visitor management and other security
systems found at most enterprise organizations. However, unlike
some larger organizations, utilities have no room for downtime.
Innovative security systems and services
are necessary to protect electric utilities
that provide an invaluable energy source to
American homes and businesses.
This article originally appeared in the November / December 2020 issue of Security Today.
John Nemerofsky is the chief operating officer of Kent, Ohio-based Sage Integration.