Updated: Mar 15, 2021
As we discussed in our previous post, threats to facilities within the electric power system are difficult to predict. To help mitigate risks, Prescient works with the electric utility industry to provide insightful assessments of existing power system security practices. Our primary concern when evaluating security at critical facilities is preventing wide area blackouts that can take weeks or months of rebuilding and recovery, and that would make national headlines.
Prescient uses a proprietary risk matrix which scores the criticality of facilities based on three main criteria: facility location, interconnectedness within the grid, and perimeter and interior security. As part of an assessment, Prescient provides concrete solutions and specific enhancements to reduce risks and vulnerabilities. We’ll discuss these solutions in more detail later in this series.
Let’s take a deeper look at Prescient’s approach to security risk assessments.
Risk Matrix Scoring System
Prescient’s risk matrix assigns each facility an overall risk score on a scale of 10 to 100 for three different threats: unintentional saboteurs (e.g., vandals), intentional saboteurs (e.g., disgruntled employees), and coordinated attackers (e.g., terrorists, domestic or international). The higher the score, the higher the level of risk to that facility. Some facilities will have very different scores in each of these categories.
Seeing a concrete risk score allows companies to make decisions about changes they should implement in terms of risk and cost. For example, if Prescient’s initial assessment results in a score of 70 or above (very high risk), Prescient will provide a list of enhancements that could reduce the score to 30 or below (reasonable risk), as well as ballpark cost estimates of the recommended enhancements.
Risk Criterion 1: Facility Location
The location of an electric power facility can strongly impact its risk score. For example, high-voltage, open-air substations that are located next to highway bridges can be very high-risk facilities. These types of facilities are particularly vulnerable to threats from domestic terrorists.
Other facilities are vulnerable to different types of risks. High-voltage, indoor substations would be extremely vulnerable to sabotage by an intentional saboteur such as a disgruntled employee. These types of substations would receive a high score if plans were not in place to prevent a disgruntled employee from harming the facility.
On the other end of the spectrum, high-voltage, open-air substations located in rural areas can be very high risk when vandals are the threat. High-voltage transmission lines can also be vulnerable to vandalism, as was the case in Cabot, Arkansas, when Jason Woodring strung a cable through a transmission tower and across a nearby railroad, with the intention of having the tower pulled down by a passing train.
Risk Criterion 2: Grid Interconnectedness
Another key factor in Prescient’s risk matrix is the interconnectedness of a specific facility with the surrounding grid. Before even assessing physical security, Prescient determines how the facility fits into the grid and the scope of a potential outage based on varying threats. Prescient considers the voltage of the facility and creates models to estimate the surrounding area voltage profile should the facility be damaged.
We use this information to establish the vulnerability of the surrounding power system to a wide area blackout if a facility is sabotaged. We can determine the scope of an outage based on the theorized extent of vandalism. We can even map out specific locations that would be impacted before a facility is taken offline.
For example, suppose a facility is located in a suburb of Atlanta. We would first determine the vulnerability of the surrounding grid to a wide area blackout if the facility were compromised. A facility in this location is interconnected with the grid spanning the entire Atlanta area, and damage at a suburban location could easily trigger a metro-area-wide blackout.
By identifying how a specific facility fits into the grid as a whole, we can assign this facility a specific facility criticality score, which will be factored into the overall risk score.
Risk Criterion 3: Perimeter and Interior Security
Risk score is also influenced by security practices on the perimeter and the interior of a facility. Consider the example above, with the Atlanta-area facility. Once onsite at the facility, Prescient staff would assess perimeter security and enter our findings into our risk matrix to determine a specific perimeter security risk score.
We have created specific rating categories for perimeter security within our risk matrix, including:
Time-to-climb ratings, which rank the amount of time it would take for an intruder to climb into a facility, based on current security measures.
Runaway vehicle ratings that rank the ease with which incoming vehicles could break into a facility. This ranking considers vehicles approaching at various speeds and carrying various amounts of weight.
Blast ratings, which rank the ability of a facility to withstand impact from a blast, such as a truck rigged with explosives.
Overhead intrusion ratings that rank the ease with which a person could drop or throw items into a facility from an overhead location, such as a bridge or parking garage.
Facilities with only chain-link fences surrounding infrastructure would receive a high score in the perimeter security category in our risk matrix. Facilities adjacent to parking garages can receive very high risk scores. The higher the score, the greater the risk.
The same actions would be taken to assess the robustness of interior security of a facility. We assess the effectiveness of interior intrusion detection methods and look for reinforced equipment. Interior categories include employee access and training requirements, accessibility of components once inside a facility, and more. Ratings in each category correspond with a value in our risk matrix.
After the Assessment
After completing a security assessment for a facility, Prescient outlines improvements that will keep the facility safe from vandals, saboteurs, and other intruders. Prescient will provide electric utility companies with a security assessment score and detailed report, identifying vulnerable spots in physical security. We then recommend concrete solutions to reduce threats and improve security.
In the next part of this series, we’ll discuss three specific enhancements to power system security that should be implemented by every electric utility company to keep critical infrastructure safe. While infrastructure cybersecurity is a major concern, it’s not one that Prescient currently manages.
If your company is interested in learning more about our assessments, or having its physical security assessed by Prescient, contact us or check out our power system security assessment service. We’re happy to answer questions and start a dialogue about the importance of power system security.
Stay tuned for the next post in this series, in which we’ll outline some of Prescient’s specific enhancements to improve power system security.