POWER GRID SAFETY ACT PROTECTION STRATEGY
The 21st century has brought great innovations and technologies to the civilized world but also a new type of homeland terror looking to do us harm by any means possible…We have developed into a sophisticated technological services oriented society... totally reliant and dependent upon modern machines and devices, having everything at our fingertips. Cell phones and computers have become our main source for communication and news around the globe in an instant. Entertainment, internet access, gaming, stock reports, day trading, mass transportation, life support, shopping, reservations, home security and the list goes on…and it's all dependent upon electricity.
The North American Power Grid is a complex digital and physical system crucial to life and commerce in this country, consisting of more than 7000 power plants, 55,000 substations organized into Five major interconnections that are operated by 66 balancing authorities and 3000 different utilities. Our life revolves around grid reliability... the flip of a switch, push of a button, a swipe of a screen or a verbal command to a device and life happens….lights go on, turn up the heat or flip on the AC maybe a snack from the fridge...order food, gas for our vehicles cold beverages to quench our thirst, just a normal day most of the time…
Occasionally we experience a power outage due to severe weather or the occasional equipment failure or downed power line. For the most part utility crews are able to restore power in a few hours, but in a situation like a coordinated attack on multiple transmission substations it may take many months to a year or more to restore power to customers back to the normal 24/7 basis. This is more than a major costly inconvenience for the people, business, governments and other dependent critical infrastructures such as: drinking water, wastewater, communications systems, traffic control systems, critical healthcare and more in the affected power outage areas.
Power utilities could be held liable for massive losses resulting from terrorist attacks on key substations which could bring on a number of lawsuits from “injured parties” that are in the multi-billion dollar range. This combined with major losses in electric power sales revenues, and billions of dollars of loss in stock market value would be devastating for any utility.
The good news is that the US Congress passed the SAFETY Act which can provide extremely valuable protection against uncontrolled losses by power utilities resulting from terrorist attacks. SAFETY Act protection can be afforded power companies when they apply and demonstrate to Office of SAFETY Act Implementation at the US Department of Homeland Security that their utility has gone “above and beyond” the basic regulatory compliance for physical and cyber security. The Office of SAFETY Act Implementation is now urging power utilities to seek SAFETY Act protection.
How does a utility know it has gone “above and beyond” with substation security? One way to effectively demonstrate the protective effectiveness of the utility’s substation security system is to model simulated attacks with third party Monte Carlo Simulation software that has already been DHS Safety Act Certified to model and “test” various security solutions. ARES Security’s AVERT Monte Carlo Simulation software is the only one holding a DHS Safety Act Certification.
In their efforts to comply with new NERC CIP-014 physical security regulatory requirements, many electric power utilities have implemented the current Best physical security Practices (largely developed in the 1900’s) to protect transmission substations. This PASSIVE security approach includes walls, enhanced video surveillance, radar, gunshot detectors and electronic entry control. The Security Oracle used AVERT to model, the current Best physical security Practices and found they Do Not Work against attacks similar to the Metcalf transmission substation attack wherein several persons armed with high powered rifles debilitated 17 transformers by shooting into their oil cooling system tanks.
A security expert from Lawrence Livermore Laboratories, has cautioned utilities against the disparate bolt-on approach of installing a combination of passive security measures that in some case may actually aid attackers. The AVERT modeling software found no appreciable increased protective effectiveness gained by installing a high wall or opaque metal fence around the substation. The modeling software ran 200 simulations modeling various scenarios of multiple attackers armed with rifles and using extension ladders and pickup trucks. It was revealed that the high perimeter barriers created increased vulnerability by affording the attackers a higher vantage point and better angle to fire down on the transformers and control houses. The substation is devastated in just a few minutes. The conclusion is that a Passive security barrier and intrusion detection system, coupled with the inability to respond in time with adequate force against an attack is the formula for drastic consequences.
In fact another Monte Carlo simulation study by Idaho National Laboratories demonstrated the devastating consequences a car bomb consisting of 1,000 lbs of ANFO caused on an electric power substation. Most all critical substations components suffered major debilitating damage. Another study by the US Air Force Battle Lab showed how 2,400 lbs of ANFO in a pickup truck would blast apart a reinforced concrete wall and hurl large chunks of concrete and rebar at 211 MPH at the infrastructure component that are supposed to be protected by that very wall. The lesson learned is that fragment and bullet resistant barriers should be in clos proximity to the assets they are protecting versus at the perimeter, especially when there is little to no stand-off space from areas where a vehicle could access.
ARES Security then applied AVERT to model The Security Oracle’s remotely controlled active defense and denial system or RCADS® which uses closed-loop artificial intelligence to manage the active, immediate defense of the substation by Detecting—Engaging – and NEUTRALIZING attackers. The modeling software ran 200 simulations modeling various scenarios of multiple attackers armed with rifles and using extension ladders and pickup trucks, and each time RCADS® thwarted the adversaries before they caused any damage to the substation.
In October 2017, NERC security inspectors witnessed this 21st century Robotic Defense Platform actively protecting a NERC CIP-014 designated transmission substation; they indicated that RCADS® surpasses NERC-CIP-014standards and was “Best Seen to-date.” RCADS® closed-loop Artificial Intelligence delivers a Non-Lethal response to stop attackers and shooters in a few seconds which saves valuable time to virtually eliminate damage to equipment, down time, associated financial consequences and the loss of the most critical of all our infrastructures.
The take away is that installing RCADS® that has been verified as effective against physical attacks on substations by way of third party SAFETY ACT certified Monte Carlo simulation software can most effectively protect critical assets and afford the utility potentially billions of dollars in terrorism liability protection.