Protecting Remote Critical Assets Against Vandals and Terrorists
8.31.04   Ken Lionarons, Owner, Island Sensors

Utilities have often been the target of vandals and others who, for their own reasons, seek to send a message by interrupting product delivery or causing superficial damage to utility production equipment, communications and monitoring facilities. Often these attacks are crude attempts using lengths of chain, bolt cutters or other hand tools to interrupt service of gas distribution mains, high voltage switching and transmission equipment or minor support hardware. On occasion, activities involving firearms and improvised explosive devices have damaged insulators near switchgear or on overhead transmission lines, resulting in forced plant outages, system transients and mobilization of repair crews. Plant trips, transients and unplanned outages threaten the safety and durability of equipment, especially at baseload units. Nuclear facilities are especially problematic, since each transient challenges the logic and proper sequencing of safety related equipment and introduces stress on fail-safe equipment and metallurgy.

The bulk of these attacks are in remote areas where detection and apprehension are unlikely, and the results of destructive actions can be observed on news reports the same day or on following days. Local law enforcement may be at a loss to explain who the offenders are and have limited resources to prevent reoccurrence. Obviously, placing personnel at each vulnerable area would incur expense and cause the offenders to relocate to a "softer" target or a less observable location.

Another threat to consider is the inadvertent entry of persons without malicious intent onto dangerous utility properties. Many persons under the influence of drugs or alcohol, those seeking shelter, and persons unable to read and understand warning placards, including children and those who speak only foreign languages, have been injured or killed by high voltage or other hazards.

In the past, isolated and infrequent incidents were often no more than a nuisance, but post 9/11 the possibility of a coordinated attack on numerous facilities must be considered. Although damage to any one of the facilities might result in minor outages or inconvenience, parallel damage in a number of related, yet isolated, facilities could result in damage greater than the sum of the parts. Even those not knowledgeable in the intricacies of network protection schemes, automatic switching and automated alternate load paths could happen upon a combination of targets which might disable an entire grid, especially during high load periods. For this reason “thinking like a fox” may be necessary to optimize protection schemes and harden the most sensitive targets as a priority. Ten-foot chain link fences and hardware store locks may be sufficient to slow or stop the casual vandal, but are only an incidental nuisance to a determined group or individual. These facilities are soft targets and present an opportunity to focus attention on whatever malicious message the sender intends. Offenders need little technical or logistical knowledge.

Recently, the nation's 105 operating commercial nuclear plants, as well as selected government facilities, were ordered to shore up defenses to slow or possibly stop an assault by a determined group of terrorists. The reactor sites, which were already considered “hardened” targets, were required to provide improved fitness and training for the security force, upgrade weapons, develop defense, communication and force coordination plans, and install facility upgrades to provide an advantage in resisting a well-armed, determined group of adversaries. Although the nuclear (and other generating) sites are manned and have active communication links, some of the lessons, training and equipment employed at those sites could easily be adapted for use at remote installations such as gas regulator sites, pumping facilities, substations and switchyards.

Al Qaeda and similar organizations have vowed to bring terror to our shores, and since defenses have hardened in cities and at major urban targets, coordinated attacks at rural facilities have been predicted. The time has come to anticipate these events and prepare to minimize and mitigate damage, system outages and possible loss of life. Visible defenses may cause attackers to select undefended or minimally defended targets. Invisible detection and defense will help prevent reoccurrence and prosecute criminals when they have disabled critical systems and components.

Hardening targets is simply good business in the face of a credible threat; however, preparation is the key. A similar situation exists when a number of unprepared campers are chased from their site by a bear. If the bear gives chase, taking time to stop and put on shoes might be prudent. You don’t necessarily need to outrun the bear, just your fellow campers.

What Action Can We Take?

Pre-planning

Although the number of sites to be protected and the distances are great, especially in rural areas, improvements may be effected without a large outlay of capital. The selection of sites to be protected and the methods used to apply that protection, along with a response to all predicted incidents, will help reduce costs and provide an effective increase in protection. Activities fall into three major action areas: administrative, technical, and response/recovery. However, pre-planning and scoping of the plan should be completed first.

The following steps are suggested:

Once these planning activities are completed, Administrative, Technical and Response responsibilities should be assigned for the implementation of the RASP plan. Criteria for each activity should be established and progress measured against a standard or schedule milestones. Budget and schedule activities should consider training, drills and scheduled updates/revisions to the plan.

Administrative

Security of ALL facilities should be integrated into every daily activity along with load profiles, major system maintenance, operational activities and other ongoing managed tasks. The status of security should be an ongoing concern, and readiness for response to an event should be as routine as readiness for system failures from equipment breakdown, fires and weather. Clear responsibility should be established, along with a centralized item in budget, performance review and benchmarking, and prudence reviews. If desired, or to defray implementation costs, these administrative guidelines may be integrated with responses to equipment failures and personnel injury in remote properties.

Written procedures should be approved and training established to ensure that each participant in the maintenance of security and in incident response knows and understands his or her role. These procedures should address, at a minimum, roles and responsibilities, required operational status (Minimum Equipment List (MEL) or color coded status), national security alerts, communication protocols, trigger points, definition and classification of incidents, drills and periodic reviews, and post-incident reviews and tailboards. Procedures should be reviewed periodically to maintain relevance to changing threats and conditions. Review by cooperating external agencies, along with their participation in drills, will also aid effectiveness and minimize confusion when actual incidents occur.

As a final administrative concern, “need to know” should be observed in any security system. Restricting system design knowledge to a small group of technicians, or parsing information among a number of different specialty groups, will help maintain system integrity and provide an additional obstacle for those who might seek to bypass system defenses.

Technical

Available off-the-shelf communication equipment and sensors provide low-cost rudimentary systems for detection and rapid response by utility personnel or law enforcement authorities. Wired alarms, load perturbation sensors and manned control centers all provide some early warning of damage or property loss; however, steps can be taken to detect suspicious activity before criminal activity and subsequent damage result.

Low voltage and infrared cameras, sensors (vibration, infrared, pressure, displacement, etc.) and telemetering equipment may be configured to operate 24/7, powered by batteries and maintained by self-check circuits and solar power. Planning of likely attack scenarios, paths and methods will aid in the choice of sensors. In some cases, especially those in very remote areas, the sensors and instrumentation will only record the intrusion but will help identify those involved. Where early detection and rapid response are possible, intentional or inadvertent damage may be prevented. Certainly, concurrent alarms from two or more distinct locations, possibly indicating a coordinated attack, would trigger an (administratively defined) increase in response effort.

Where telephone lines are already installed, costs may be reduced by shared use of this communications option. However, these lines may be vulnerable to defeat by the attacking party or to weather elements (such as lightning), which may cause failure-induced false alarms. Dual telemetering, or telephone lines employed as a backup, may provide an ideal communication link system.

When specifying sensors and alarm equipment, design criteria should be carefully considered. Weather, operating environment, tolerable rate of false alarms, resistance to tampering, sensitivity, etc. must all be weighed to design and assemble a dependable system. Since most sites will use similar technology, a single design criteria document for the system should be sufficient.

Landscaping and sight lines in the vicinity of the facility should be reviewed for possible improvements. A facility which provides cover for the execution of damaging activities only further encourages attraction to that particular target. Unfortunately, a determined party will simply move on to a softer target; perhaps yours, perhaps that of another civil or industrial custodian. The best protected sites will be the last to be attacked.

Likely intrusion points may be identified and equipped with additional ex-system category sensors to increase the likelihood of detection. Allowing accumulations of brush, areas of deficient lighting and obstacles for use by attacking parties provides an ideal location for instrumentation and sensors to provide early detection capability. These schemes must be designed in advance to lead the attacking party into choosing an obviously “soft” path and thus into a sensor field of increased intensity. Think like a fox.

Response

Upon receipt of an alarm, action must begin immediately. Based on sensor information, especially by confirming or redundant sensors, response must be deployed immediately. Based on prior arrangements with law enforcement, these signals may be sent directly for their response, to a third party or for response by utility personnel. In any case, procedures must be followed to ensure the safety of the responders.

A change in status of the “readiness” or “alert level” must accompany an alarm (or alarms) so that all personnel involved understand the severity of the incident. Where false alarms are encountered, these must be investigated and action taken to prevent reoccurrence. Nothing will cause a system to be ineffective faster than a high number of false alarms. Personnel will not take alarms seriously if the alarms are assumed to be technical in nature.
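The escalation logic described under Technical (concurrent alarms from two or more distinct locations) and under Response (confirming or redundant sensors, and a change in alert level accompanying an alarm) can be sketched as below. This is an added example, not part of the original article; the site names, sensor names, the four level names and the ten-minute window are all assumptions standing in for the administratively defined values.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed correlation window, set by procedure

@dataclass(frozen=True)
class Alarm:
    site: str      # hypothetical site name
    sensor: str    # sensor type, e.g. "vibration", "infrared", "pressure"
    time: datetime

def classify(alarms_in_window):
    """Map the alarms seen inside one window to a (hypothetical) alert level."""
    sensors_by_site = {}
    for a in alarms_in_window:
        sensors_by_site.setdefault(a.site, set()).add(a.sensor)
    if not sensors_by_site:
        return "NORMAL"
    if len(sensors_by_site) >= 2:
        return "COORDINATED"   # concurrent alarms at distinct locations
    if any(len(kinds) >= 2 for kinds in sensors_by_site.values()):
        return "CONFIRMED"     # a second, different sensor confirms the first
    return "INVESTIGATE"       # single unconfirmed sensor: possible false alarm

def alert_timeline(alarms, window=WINDOW):
    """Return (alarm, level) pairs: the alert level in force after each alarm."""
    ordered = sorted(alarms, key=lambda a: a.time)
    timeline = []
    for i, current in enumerate(ordered):
        recent = [a for a in ordered[: i + 1] if current.time - a.time <= window]
        timeline.append((current, classify(recent)))
    return timeline

# Constructed sample alarms (not real data).
SAMPLE = [
    Alarm("substation-A", "vibration", datetime(2004, 8, 31, 2, 0)),
    Alarm("substation-A", "infrared", datetime(2004, 8, 31, 2, 3)),
    Alarm("regulator-B", "pressure", datetime(2004, 8, 31, 2, 7)),
    Alarm("pump-C", "vibration", datetime(2004, 8, 31, 3, 30)),
]

if __name__ == "__main__":
    for alarm, level in alert_timeline(SAMPLE):
        print(alarm.time.strftime("%H:%M"), alarm.site, alarm.sensor, "->", level)
```

Alarms that end at INVESTIGATE and are never confirmed are the ones to feed into the false-alarm review, so that repeat offenders among the sensors get fixed before operators stop trusting them.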

Minimum response steps are listed below:

CONCLUSION

The principles outlined in this document provide a rudimentary guide to formulating a protection plan for remote and unmanned facilities. Many enhancements may be added based on local conditions, terrain, population density and perceived or actual threat.

Although it is hoped that none of the outlined activities are required, having a plan in place prior to the first recognized incident may provide additional protection from future attacks and enhance safety and system reliability. By providing a coordinated defense using modern sensors, communications gear and informed threat management, damage and financial loss may be minimized. Although no one wants to employ these procedures, the proactive approach to system protection makes sense from a safety, system reliability and customer satisfaction standpoint.

 

To subscribe or visit this site go to:  http://www.energypulse.net

Copyright 2004 CyberTech, Inc.