New Standards Create Opportunities in Power Grid Security

Nov. 11, 2016
NERC introduces a host of new security regulations for electrical substations

Is the U.S. power grid adequately protected? It is a question being asked more often these days; in fact, ASIS keynote speaker and news legend Ted Koppel raised the very question to a packed audience in Orlando.

Amid frequent reports and public debate of threats facing electricity plants and substations from both the cyber and physical standpoints, Sept. 25, 2016 marked a quiet milestone for better physical grid protection with new standards from the North American Reliability Corporation (NERC).

NERC now requires updated physical security plans from certain U.S. electric substations to ensure they effectively “deter, detect, delay, assess, communicate and respond” to physical threats. The ambitious new set of federal security standards — called Critical Infrastructure Protection 014, or CIP-014 — is finally being rolled out nationwide after at least two years of revision.

Substations now have until the end of the year to get their plans approved, with the goal of 2017 bringing better preparedness to act quickly in the event of a physical attack. Although NERC-CIP-014 is largely concerned with the threat of physical security attacks compromising the integrity of the national power supply grid, NERC-CIP-5 (or CIP v5) addresses cybersecurity for the North American electrical power supply infrastructure. CIP v5 went into effect in July 2016.

Both NERC standards represents a step in the right direction towards a more robust and safe grid. The new standards rightly focus on avoiding a mass cascading blackout at a national level, but substations that aren’t officially held to these standards could still experience major losses and outages if attacked.

An example would be a California substation that was attacked in 2013 — costing $15 million in damages and inspiring the new regulations in the first place — that is technically not required to comply with CIP-014. This begs the question: how many substations are still vulnerable to physical attack?

Market Opportunity

Beyond those facilities required to comply with the new standards, even those substations not required to obey the new rules are being encouraged to use the regulations as a guideline to improve their own security postures. This is where a savvy security integrator comes into play. It is vitally important for each substation — regardless of its “level” — to protect itself from physical threat; and integrators can help pave the way for these facilities to comply with the new rules.  

For these vulnerable substations, the key is implementing a sustainable “early warning” system that can reduce risk while maintaining compliance. This can be achieved with a three-pronged technology approach which operators can manage through a single user interface:

1. Make the perimeter smart. For many substations, the first line of defense continues to be a chain-link fence and padlocks; when in actuality, advanced sensors should be considered “bare bones” to a perimeter defense system. Networks of advanced sensors and radar equipment coupled with video accomplish the goal of keeping unauthorized persons off the property, while enabling notification of an approaching threat minutes in advance — giving authorities a chance to react.

The most successful security solution integrates perimeter with video management and access through a central management system. The perimeter solution itself should combine visitor management, access control, video management and intrusion into one platform. All of these parts should integrate to enable the operator at the central station to make quick, informed assessments of alarm conditions for the most accurate and efficient response possible.

2. Deploy video analytics. While the quality of the camera should be taken into consideration, expensive and/or feature-rich cameras may not be the answer. Today, the true benefit of video surveillance is its intelligence and analytics capabilities. Video should work seamlessly with the motion detection systems to capture images — offering multiple views, site navigation and event verification — and send them to central stations for assessment.

Smart video capabilities not only provide live detailed insight, but they deliver the proof necessary for alarm verification and third-party evaluations. Live-time assessment reduces false alarms and enables operators to take action swiftly and remotely at a moment’s notice.

3. Take advantage of evolving access control solutions. Along with the evolution of CIP regulations, electronic physical security has evolved beyond securing a physical structure, advancing security both into and outside of buildings. Establishing a comprehensive and effective access control system, which authorizes who can go where with items such as key control and entry logging, can help reporting run smoothly—and make sure the facility is protected from internal threats.

Angela Oberman is Honeywell Security & Fire’s Critical Infrastructure Segment Manager and Site Leader. Request more info about the company at