Thursday, February 27, 2014

A Shift in Substation Security

by Randy Nason, PE, CPP - Vice President/Manager
Security Consulting Group for Guernsey

The recent discussions surrounding the April 2013 incident at the PG&E Metcalf substation have revived the historical concerns surrounding critical infrastructure protection. The takeaway from this event is not that electric substations are vulnerable to high-powered rifle attack but rather that this known vulnerability has been exploited in what is reported to be a well-planned effort by a determined group of individuals.

Industry practitioners are well aware of the vulnerabilities inherent in distributed infrastructure systems. A considerable amount of redundancy is usually designed into these largely serial systems. This allows a range of options in the event of the loss of certain key components including reliance on stored reserves or alternate routing, depending on the system type and configuration. However, in many instances, outages still occur.

The electric infrastructure is especially vulnerable in that it does not benefit from the overburden that provides some degree of protection for systems such as water and natural gas. Electric substations, except in the largest metropolitan areas, are constructed above ground. Oftentimes, the largest substations and switching facilities are in outlying areas, making them a large, visible, and somewhat remote target.

Considerable effort has been expended in the past decade in securing electric substations. Some of this effort has been driven by regulatory requirements; however, a primary driver has been preventing copper theft and general vandalism. The security approach has tended to follow the fixed facility model of detecting unauthorized access at a defined perimeter, assessing the cause of the alarm, and then initiating an appropriate response: in other words, protecting against a threat that is assumed to penetrate the perimeter boundary in order to accomplish its goal. This legacy approach was entirely justified since there was no significant body of data to challenge these threat assumptions.

However, the invalidating data was generated at Metcalf. It could well be that this incident changes the way we approach substation security, just as the 1995 Murrah Federal Building bombing escalated the security profile at U.S. federal facilities and 9/11 generated the term homeland security. Let me recommend the following activities.
  1. Critical Facility Identification: The NERC CIP standards provide a methodology for identifying critical assets, primarily from a cyber perspective. This approach should be broadened to include physical assets that would significantly impact the stability and reliable operation of the bulk electric system (BES). Individual utilities should also recognize that a substation need not meet that standard to be a target. Metcalf is a case in point as the damages are reported at $15.4 million and yet no significant outages occurred.
  2. Design Model: New substation security designs need to take into account offsite threats. This will require protective measures to deny line of sight to critical, long-lead-time items. It will also require the assessment function to address threats outside the substation perimeter. Current advanced video analytic software may be crucial to this requirement.
  3. Contingency Planning: Utility contingency planning should be escalated to consider complete loss of large components, not just damage. For many organizations, this will require longer range recovery planning due to component lead times.
  4. Coordination with Law Enforcement: Utilities also need to recognize that in the event of an incident like that at Metcalf, recovery efforts will take place in the midst of a federal crime scene. This may delay and subsequently limit access to the substation, thus extending the recovery timeline.
A comprehensive program to address this threat has many pieces; hardening the target is simply the starting point.

About Guernsey

Guernsey is a mosaic of engineering, architectural and consulting services. If you examine us closely, you might only see the component pieces. But if you look at the bigger picture, you see a unique, cohesive, employee-owned firm, capable of handling a wide array of projects, private or public, with a clients-first commitment. We are a multi-discipline firm, employing engineers, architects, planners, consultants, environmental scientists, designers, analysts, accountants and managers. Our clients include federal, state and local government; military entities; utilities; Native American tribes; universities; Fortune 500 companies; oil and gas companies; and more. Because we offer all these services under one roof, we are able to collaborate efficiently, giving you access to expert advice in a variety of disciplines and business sectors.

Name: Randy Nason, PE, CPP
Title: Vice President - Manager, Security Consulting Group for Guernsey
Phone: 405.416.8213