Electric utilities are already highly regulated when it comes to securing critical cyber assets, but an incident in Silicon Valley last year has brought physical security to the forefront for the industry. At 1 a.m. on April 16, 2013, just one day after the Boston Marathon bombings, someone using automatic rifles opened fire on the Metcalf transmission substation, shooting for a full 19 minutes and leaving the scene only one minute before the police arrived. The sniper, or snipers, knocked out 17 large transformers that distribute power to Silicon Valley, and it took 27 days to repair the substation and bring it back on line.
There is no evidence that terrorists were involved in the attack, but nevertheless, it has raised serious concerns over the vulnerability of the electric power grid. So much so that PG&E recently announced a $250,000 reward to catch the perpetrators of the Silicon Valley incident. Further, the utility also announced it would invest $100 million to step up security for its substations – installing opaque walls, hiring guards, deploying cameras, enhanced lighting, and additional alarms.
Also as a result of this incident, the Federal Energy Regulatory Commission (FERC) has increased efforts to address security risks and vulnerabilities,requiring more comprehensive physical security of the power grid.
Why is this so important? Electrical substations are critical to the electric power grid, but they are difficult to secure because there are so many of them (there are thousands of such locations across the U.S.), and they are often remote and unmanned which makes them more susceptible.
It’s not possible to man every substation or install a complete barrier around each of them. Nor is it feasible to prevent every attack. But utilities can apply technology to put virtual eyes and ears on the scene. This increases the utility’s real-time awareness, management, and response to such situations so they can mitigate risk and minimize damage.
Most utilities already have centralized command centers where they monitor their critical facilities based on data from video and other sensors. Some forward-thinking utilities also use Physical Security Information Management (PSIM) solutions to centrally manage these inputs for their many critical infrastructure facilities.
Utilities can extend these existing investments for substation security as well. One approach would be to apply intelligence to video to detect and manage incidents at outlying locations.
This could be as simple as using existing camera technology, along with some specialized cameras with built-in microphones. The mics can pick up loud and sudden noises, and, if they’re connected to a Video Management System (VMS), a person in a remote control center can be automatically alerted when an anomaly is detected and see the live video of the scene. The utility could even employ a black box with a pre-recorded message that could automatically play, notifying the intruder that law enforcement personnel are on the way. If there is two-way audio, a person in the command center can even broadcast through the mic, directly speaking to the intruder while watching on camera.
Gunshot detectors hooked up to a VMS or PSIM system are another tool, albeit a much more expensive option, on the order of tens of thousands of dollars per installation. Utilities could integrate a VMS or PSIM system with sensors such as fence shake detectors, video analytics (perimeter intrusion detection along the fence line), or some combination of both. If there’s a breach, someone in a remote command center can be notified immediately. The video analytics of such systems are sophisticated enough to differentiate between small animals and people, minimizing false alarms.
Finally, utilities could extend this situational awareness to nearby law enforcement authorities to enable them to respond quickly. This could include sharing images and live video feeds, GPS information, tasks, and other critical data. A collaborative response, hand in hand with law enforcement agencies, can effectively mitigate such events, especially where fire arms are being used. Sharing the accurate location of the snipers, together with any other visual information, can make the police work much easier. A post-event multimedia reconstruction can also create an incident case that helps police in their criminal investigation.
As threats to critical infrastructure evolve, technology will remain at the heart of improved situational awareness. There is no way to completely prevent such attacks, but the tools exist to detect threats and initiate an effective real-time response. These capabilities could minimize damage and speed response and ultimately go a long way toward safeguarding the national power grid.