By Bert Williams
During the past two years, dozens of attacks have been reported-including trespassing, vandalism, theft and sabotage-on critical utility infrastructure in the U.S. that posed dangers to life, property, reliable grid operation and utility worker safety.
These attacks included shooting at a security guard, crippling a substation’s service for a month and a complete power outage that affected 10,000 customers.
This is serious business. Utilities are losing millions of dollars from assaults on substations and other critical utility infrastructure. Equipment damage, material and equipment theft, as well as fines and lost revenue from power outages, are affecting utility reliability and safety.
Physical security can be a significant factor in minimizing or deterring threats. Conventional security measures such as walls, fences and locks are coupled with surveillance and thermal imaging and night vision cameras, gunshot location sensors, door alarms, keypads and biometrics for access control, motion detectors and intrusion sensors. This 24/7 centralized monitoring provides early awareness and visibility into incidents, enabling timely utility response.
Modern Wireless Networks-Vital Security Tool
Multi-application communications among security devices (cameras, sensors, keypads, lights, etc.) require reliable, secure, broadband networks. Wireless networks offer many advantages over wired networks and are preferred by utilities because they are much easier and more cost-effective to deploy in substations; they require no trenching.
It’s vital to consult multiple systems to determine how a security breach might have occurred. One example is to use streaming or captured video to confirm what triggered a substation motion sensor. This approach enables utility security employees to screen for and ignore false alarms. It also better equips them to dispatch the correct personnel (e.g., security, maintenance, police, fire, EMS) to respond to verified incidents.
Is a Wireless Network Reliable?
Physical hardening, battery backup, IEEE 1613 compliance, etc., are standard reliability features of today’s wireless networks; however, access to radio frequency (RF) spectrum, automatic interference avoidance software and mesh routing software are key elements to assure network reliability.
When wireless networks have more access to RF spectrum, they have more available channels to use to avoid interference. Additional spectrum also makes it much more difficult for saboteurs to jam the wireless communication network.
If the wireless network can’t dynamically use the RF spectrum, however, it’s of little use. By deploying automatic interference avoidance software, a wireless communication network can find and use a clean chunk of spectrum in real time, mitigating interference, whether from other legitimate spectrum users or malicious jammers.
Mesh networking provides another level or building block to thwart attacks quickly. Mesh routing software enables wireless communication networks to be self-healing, enabling fast recovery from equipment failure and damage. Mesh routing can restore connectivity even if saboteurs cut fiber-optic and copper cables at the substation. Because mesh routers are small and easily disguised, they are more difficult for saboteurs to take out than wireless point-to-point (PTP) or point-to-multipoint (PTMP) systems, which generally must be mounted on a mast or tower.
But Are They Secure?
Physical security and cybersecurity are interdependent. Physically breaking into a substation is an easy way to launch a cyberattack. Conversely, a cyberattack can support a physical attack by taking remotely monitored security systems offline.
Wireless communication networks, like all networks in substations, come with potential vulnerability to cyberattacks. Deploying a multilayer, defense-in-depth security architecture that extends all the way to the network’s edge can mitigate vulnerabilities.
What About Performance?
It’s all about broadband. Critical security applications such as video surveillance and thermal imaging are bandwidth-intensive and require high resolution and frame rates for optimal display. In addition, broadband is required for supporting physical security applications at multiple substations concurrently. Although individual security applications might not take large amounts of bandwidth, added together, the bandwidth can be substantial.
Can it Support all of Your Security Applications?
Another consideration when operating multiple substation physical security applications on a single wireless communication network is support for virtual LANs (VLANs) and quality of service (QoS). With VLANs, each application gets its own logical network that is configured with appropriate security and QoS settings. Using QoS and VLANS, a utility can, for example, ensure that latency-sensitive applications get priority over applications with less stringent latency requirements.
Being Proactive Can Thwart Attacks
Many benefits come with deploying and operating network-enabled remote physical security monitoring, from providing an audit trail of authorized personnel entering and exiting the facility to substation motion sensor trips. Remote video monitoring quickly can determine if an intruder set off a motion sensor or if it was just a curious animal. Having real-time intelligence allows personnel to be dispatched for only serious alarms. Also, quick, appropriate response to physical attacks, coupled with audible alarms and warning lights, can cause attackers to flee before they are able to vandalize, steal or damage property at substations. If they do stick around, archived video evidence can aid in the apprehension and prosecution of perpetrators.
The best attack is the one that doesn’t happen. If potential thieves and saboteurs are aware that a facility is well-secured, they likely will give up and move along.
Bert Williams is global marketing director for ABB Wireless. He brings 30 years of experience in leading the marketing organizations of networking companies. Williams has a Bachelor of Science with University Honors in Electrical Engineering from Carnegie Mellon University and an MBA from Harvard Business School. Reach him at firstname.lastname@example.org.
Mesh Networks Enhance Substation Communication Resiliency
An advantage of using wireless mesh networks for substation physical security system communication is that mesh networks can maintain connectivity with a substation even if the landline and point-to-point/point-to-multipoint (PTP/PTMP) wireless links to the substation have been disabled. Figure 1 shows a mesh network that covers part of a utility service territory served by three substations. At each substation, landline, PTP/PTMP or both wireless links provide backhaul to the mesh network, as well as connectivity for other data and voice services.
Figure 2 shows that if the landline and PTP/PTMP wireless links are disabled by cutting wires, shooting equipment, etc., the mesh automatically will reconfigure to provide connectivity to the substation under attack via backhaul points in other substations.