Securing the Power Grid White Paper

8/11/2019 Securing the Power Grid White Paper

1/10

November 2, 2012

119 John Cavanuagh Drive

Carp, ON K0A 1L0+1.613.839.5572www.senstar.com

Securing The Power Grid You Cannot Protect All Sites At All Times

By: Jim MaukOctober 2012

A Senstar Corporation White Paper


2/10

November 2, 2012

Contents

Background 2

The challenge 3

Critical factors to consider when

prioritizing a solution 3

The linkage between technology and

first responders 4

Prioritization for securing power grid

elements 5

PSIM importance 9

Which PIDS technology is best? 9

Background

Recent blackouts, such as the widespreadoutages experienced by the US and India, aswell as other power-related incidents across the

globe, have underscored the vulnerability of theelectricity supply chain.

While the trigger of these outages can berelatively minor, such as a transmission stationfailure, the impact can sometimes be feltnationwide. Blackouts disrupt public services,interrupt business activity, halt transportationsystems and even risk lives. As an example, theSeptember 2011 Southwest US power disruptioncaused a 15-hour blackout with an estimated$100 million in losses.

The growing wave of anti-government protests,ongoing terrorist threats, vandalism, criminalactivity and the recent trend of copper theftemphasize the need to physically protect thepower grid across the entire supply chain.Continuous power supply is a basic necessity ofany 21st century society, yet ironically it isrelatively easy to disrupt. This phenomenonbears some resemblance to the events of 9/11where, hostile activity by a small group causedmassive and widespread damage.

Even the "minor" theft of a copper grounding line,let alone an intentional terror attack, can put atransmission station out of service, andeventually shut down significant parts of the


3/10

November 2, 2012 Page | 3

entire grid. For example, though atransmission station in South Africa wasprotected by an electric fence, a thiefmanaged to dig under the fence andsteal a thick copper grounding section.

Although he may have earned a fewhundred Rand by selling the copper, hecaused direct damage of more thanUS$20M.

Entry point under an electric fence ata South African Transmission station

The challenge

Protecting a power grid represents asignificant challenge, due to its overallsize and vast deployment. Althoughtechnological solutions exist to detectintrusions close to the grid elements, asufficiently rapid response to mitigate adetected risk is sometimes not realistic. As a result, the entire solution is often

discarded. As total protection is not feasible, it ismore reasonable to prioritize the securitysolution based on risk assessment.

Senstar, with more than 30 years ofexperience in protecting power grids, isherby proposing a multi-dimensional

model to analyze vulnerability of the power grid,examine solution applicability and accordinglyoptimize solutions and products.

The following parameters should typically affectthe model:

Potentialdirect damage , inflicted by ahostile action

Potentialindirect damage

Expectedoutage duration

Security technology applicability

Availability offirst responders

Critical factors to consider whenprioritizing a solution

Direct damage represents the vulnerability of thesystem and the direct cost to rectify the damagedassets and restore full production. For example,blowing a main generator in a conventionalpower-plant can cost millions, in comparison tothe cost of repairing a damaged transformer,which is significantly lower.

Indirect damage represents the potential indirect

damage caused to customers. In general, thiscalculation takes into account the percentage oflost production, the criticality and size of theaffected area, the level of dependency on power(e.g., high dependency of industrial areas), theeconomic implications, the risk to lives(especially in megacities), and other intangiblefactors such as political and prestige concerns. As an example, if a relatively small district isdependent on a single high voltage transmissionstation, then either an expensive redundantchannel must be built or the transmission assetmust be protected with a robust security system.

Outage duration represents the expectedduration of the outage inflicted by the damage.The duration period takes into account theredundancy built into the power grid and the timeto rectify the indirect damage, whether by


4/10


replacing the component or by securingan intermediate alternative.

Security technology represents theapplicability of cost-effective securitytechnology in protecting a system or anobject. Theoretically, any asset can beprotected in a manner that willsignificantly mitigate the majority ofthreats. However, in many cases, otherconstraints may eliminate such solutions.For example, protecting high-voltagetransmission lines with physical smartbarriers is not practical due to both costand environmental concerns. On theother extreme nuclear power plants arerelatively small and easy to protect by

off-the-shelf Perimeter IntrusionDetection Systems (PIDS).

First responders represent theprobability of the human elementscapacity to respond to a threat in anacceptable period of time. It will alwaysbe simpler and quicker for a firstresponder team to address a threatwithin a power plant than along a lengthytransmission line, simply due to thesheer geographical constraints,especially in rural areas.

The linkage betweentechnology and firstresponders

The availability of technology and firstresponders are closely linked. Anintegrated security solution mustcombine three critical inter-related

elements, as illustrated below:

The reliance on implemented technology vs.human resources is essentially a tradeoff. In thirdworld countries, where labor cost is low, humanguards can be the backbone of the "system",supported by minimal technology. Elsewhere,human labor is being replaced by sophisticatedtechnology. Nevertheless, on some level, thehuman element is always required in an effectivesecurity solution. Automatic shooting robots arestill science fiction, and not at all realistic in a civilenvironment, where a power grid is deployed.

The reaction time of first responders is criticalbecause it will directly affect the chosentechnology. If the response time is expected tobe lengthy, the security solution should providethe required built-in delay to allow for detection,verification, deployment of the responders, traveltime and interception of the intruder.

Another critical technology component used forprotecting the power grid is the Physical SecurityInformation Management (PSIM). PSIMautomates and glues together physical security,process and personnel.

Human Resources

Technology Processes


5/10


Prioritization for securingpower grid elements

Based on the proposed model mentionedabove, the following is a review of some

key elements in a power grid. Eachparameter is scaled 1 (low) to 10 (high),representing its relative importance.Naturally, the real values are subjectiveand depend on the market, layout,threats, etc.

Nuclear Power Plants (NPPs) require ahigh level of protection; any directdamage may have a catastrophic, lastingand long-range effect on both theenvironment and on lives. In addition,any disruption will likely affect asignificant portion of the powergeneration capability due to its gigawattscapacity. Fortunately, NPPs typicallyhave a small footprint. Securitypersonnel are always available on site;therefore NPPs are easy to secure viaadvanced technology supported by asmall mobile unit of first responders.

The security at NPPs is highly regulatedby governments. A typical solution willinclude at least two layers of

fences/barriers with at least two independentdetection layers. North American NPP willtypically include:

A smart fence with a fence-mountedsensor, such as the FlexPS system as adeterrent and a 1st detection and delayinglayer.

A sterile zone in between fences

A high (typically ~6 meters) terrain-following volumetric sensor as a 2nd layer,such as XField. XField also has a deterringeffect, as it looks like an electric fence.

A second fence/barrier as a final delayinglayer, which should provide the adequateextra delay to ensure interception by thesecurity staff.

Sometimes the solution can be augmented byadditional layers such as:

A microwave sensor located in the sterilezone as an additional detection layer, agap filler, or as a virtual fence when gatesare open

A covert detection layer such as Omnitraxto detect the accurate location of intruders

Surveillance cameras, which may be usedfor verification and tracking both during andpost intrusion


6/10


7/10


A multi-layer power plant security

scheme with outer taut wire and innermicrophonic fence-mounted sensors

Solar farms are very different frompower generation plants mentionedabove. Large solar farms, the so-called"Concentrated Solar Power Plants,"constitute an interesting entity. If the coreproduction plant is damaged, the directdamage is quite significant. However, theoverall impact on power outage is limitedbecause the reliance on solar energy is

still limited, plus solar plants always havealternate power sources for cloudy days.Therefore, the main driver to securethese farms is economical protecting thelarge investment in equipment.

Large solar farms typically use:

A PIDS backbone consisting of a smart-welded mesh or chain-link fence, supported

by a fence-mounted sensor. For very largefarms, FiberLR is a very cost-effectivesolution. For smaller sites, simpler zonesensors would be more economical.

PTZ surveillance cameras must augmentthe solution in order to eliminate false ornuisance alarms. Without them, the smallteam of first responders may experienceburnout due to the size of the protected siteand the frequency of false alarms.

The core power plant is relatively small, butnevertheless very expensive to replace.Therefore, a focused second layer ofprotection would be a cost-effectiveinvestment.

High-end solar farm, typically protected as part of the insurance package


8/10


Transmission stations provide gridredundancy and load balancing,especially in the case of supplyproblems, making them an important andsomewhat tricky since in some

scenarios, the main transmission stationsmay constitute a single point of failure.

In addition, most of the stations are notattended round-the-clock and thereforethe response time can be lengthy,especially for stations located in ruralareas. Fortunately, these stations occupya small enough footprint to enabletechnology deployment at an affordablecost.

The large and critical transmissionstations should always be protected by areliable detection system as a first line ofthe PIDS. As these stations areunattended, the detection system mustbe fully automatic, with very low false

and nuisance alarm rates (FAR/NAR). Asignificant physical barrier would berequired as a second line of defense toallow the first responders time to react.Typical solutions consist of an integratedbarrier and sensors such as a FlexPSsensor mounted on a chainlink fence,supported by surveillance cameras,

connected to a regional Command and Controlcenter managed by a PSIM system.


9/10


Transmission lines present a complexsecurity challenge. Even though the mainlines are critical, they are very hard toprotect both from the technologyperspective and the required availability

of first responders. Therefore, in mostcases they are not protected.

PSIM importance

A PSIM system is vital and critical fornational power grid protection, as itmaintains the entire security solution andsignificantly improves the overalleffectiveness and efficiency of theintegrated security system (ISS). ThePSIM improves almost every componentof the ISS. The key benefits of anadvanced PSIM include:

Real-time collection and integrationof all sensors, to ensure enhanced

POD and more rapid rejection ofFAR/NAR

Geographical (GIS-based)presentation of the entire networkto improve situational awarenessand enhance the verificationprocess through data fusion

Predefined and embedded checklists toimprove the decision cycle and ensurecompliance throughout the entire process

Complete communication integration forrapid and efficient communication with firstresponders from the initial dispatch until thesuccessful interception of the intruder

Real-time location and display of the mobileresponders to enable efficient forceallocation, guidance and event handling

Bi-directional data sharing (maps, video,etc.) to streamline coordination between allthe security players and particularly mobileforces

Which PIDS technology is best?

Many security experts will claim that there are nobad sensors, just bad applications (and onoccasion, bad installers). Finding aknowledgeable consultant , system integratorand/orPIDS supplier with verifiablePIDSreferences and access to a wide array of PIDStechnologies is probably the best way to ensure asuccessful outcome. Nevertheless, the main

sensor technologies that are commerciallyavailable are listed below:

Taut wire A hybrid system of sensors weavedinto a barbed wire fence. This fence offersguaranteed performance in all weatherconditions. It has demonstrated a high POD andalmost zero FAR/NAR. Although it is costly, it isrelevant for high security, where deterrence anddelay must be achieved on top ofuncompromised detection.

Fence-mounted sensors These sensors areaffordable and ideal add-ons to existing fences. A second security measure, such as CCTV, isrecommended as a verification tool to manageFAR/NAR.


10/10


Buried cable sensors Avirtual fence implemented by smart cables, buriedless than 9 inches underground. Thesecables create aninvisible electromagnetic field, capable of

detecting any intruder entering thenarrow virtual corridor. The buried cablesensor is a perfect solution for locationswhere a fence cannot be installed foraesthetic or environmental reasons,such as concrete platforms wheremovement must be enabled only duringactive parts of the day. As a concealed,terrain-following sensor it is almostundefeated by intruders . Therefore, inmany places it is used as a second layer

sometimes outside of a fence, butmore commonly as an inner detectionlayer. As virtual fences do not imposeany delays on intruders, accuratelocation (ranging) of intruders (ratherthan rough zoning) is essential to enabletheir effective interception.

Microwave Another type ofvirtualfence that creates an invisibleelectromagnetic beam. It is also used as

a standalone detection layer either ontop of walls or as sterile zones between barriers. It is also used forvirtual gates , where the gate must beopen for traffic during the day but mustbe shut down at off-times, such asnights, weekends or during temporaryconstruction, when the virtual gate mustbe easily installed and removed later.

Tailored robust grids These aredesigned to cover critical holes inperimeter security such ascanals, pipes, open tunnels or drains .

Long-range fiber An innovative newtechnology, using a fiber sensor as a wall/fenceor buried detector. It is especially cost-effectivefor large sites with lengthy perimeters.

Documents

Securing the Power Grid White Paper