
Western beefs up physical security

In the wake of increased infiltrations and surveillance of the nation’s electrical infrastructure, Western is proactively assessing the security of its transmission stations, substations and primary control centers in advance of a new reliability standard anticipated to take effect this winter. 

The North American Electric Reliability Corporation developed Critical Infrastructure Protection 014 to lessen the overall vulnerability of the bulk electric system, or BES, to physical attacks. The Federal Energy Regulatory Commission is expected to approve the new reliability standard soon, making its six requirements mandatory within 90 days.

“We recognized a need to identify our current physical security posture in 2013 and began to develop a holistic approach to physical security assessments and mitigation strategies that we would apply to all Western’s sites before NERC even began drafting CIP 014,” said Director of Security Keith Cloud. 

NERC CIP 014’s six new requirements essentially boil down to three steps utilities must take:

  • Identify critical facilities on the BES
  • Evaluate threats on those facilities
  • Develop and implement plans to protect critical facilities against those threats

“Our goal is to reduce Western’s overall physical security risks for all sites based on sound assessment and mitigation strategies,” said Cloud.

“It is not primarily our assets I worry about at night,” added Administrator and CEO Mark Gabriel. “It is the fear that one day, a Western employee will stumble upon some criminal activity at a site. We need to make sure we are adequately protecting our critical sites for employees and the reliability of the grid.”

Staying ahead of the game

After NERC drafted CIP 014, the Office of Security and Emergency Management hired a contractor in 2014 to begin assessing all 300 sites across Western, starting with the sites covered under CIP 014. The assessments evaluate the current security posture and identify threats and additional countermeasures that either are required by Western or Department of Energy policy or recommended by the contractor.  

“Western determined several of its transmission stations, substations and primary control centers fell under CIP 014 and completed assessments for those sites and 21 others in 2014,” said Headquarters’ Physical Security Specialist Jaime Kirchue.

There is not an exact formula for determining a critical site. All facilities rated at 500-kilovolt and above automatically fall under CIP 014. The others are determined by transmission system planners using load studies that then must be confirmed by a neutral third-party reviewer. Bonneville Power Administration serves as Western’s reviewer to evaluate both the load studies and the resulting physical security and remediation plans. 

“Once the physical security risk assessments and remediation plans are reviewed and approved by Western, the plans are released to the applicable region to either implement the remediation plan or accept the risk if not implementing certain security measures,” said Kirchue, who has worked with physical security risk assessments for the federal government for the past 10 years. “The plans are designed to allow regional and maintenance managers to make risk-based decisions on what countermeasures to implement based on their needs and available funding.” 

Western’s plans include all physical threats, like natural disasters and criminal activity, outline best practices in physical security and provide Western and DOE security policy. For example, Western’s policy requires that all sites have a 7-foot fence around the perimeter and door locks.

Retrofitting a site could cost as much as $500,000 or could cost nothing if the recommendations focus on personnel practices and administrative procedures, like not tailgating into a site or removing transmission maps from plain sight. New sites will be assessed as they are built, removing the need for expensive retrofitting after the fact. 

Western will assess 75 noncritical sites each year through 2019 to complete initial assessments at all 300 sites. “These initial assessments will serve as a baseline for the recurring assessments that we will do to ensure our plans are up to date with current threat information,” said Kirchue. 

CIP 014 mandates a review period for risk assessments. Western will re-evaluate its critical sites every 30 months and noncritical sites every 60 months to make sure plans have the most up-to-date threat information and best countermeasures.  

No utility an island 

OSEM has taken steps to improve Western’s communication and information sharing when there are incidents at sites. One of the chief obstacles to effective security response and awareness in the energy industry is the difficulty utilities have sharing information with one another and with counterintelligence agencies. The problem is due both to a lack of communication protocols and appropriate infrastructure for sharing information and to a self-inflicted fear of communicating incidents because of, ironically, security concerns.

“Cross communication is a vital part of incident reporting. Western has taken steps to communicate with industry partners on incidents to promote information sharing. We have recently updated our reporting procedures to identify specific roles and responsibilities and ensure proper incident notifications to agency stakeholders, law enforcement, State Fusion Centers and Electricity Sector Information Sharing and Analysis Center,” said Cloud.  

Western is also participating in Project Power Surge, a collaborative group of Department of Energy organizations that are trying to standardize the risk assessment approach for the industry. The initiative’s goal is to develop an all-hazards process that will cover both cyber and physical security and identify different levels of security standards for critical and noncritical sites. 

“Our primary concern over physical security is the impact to our staff and others who may be injured as a result of a physical security incident,” said Cloud. “Western takes the safety of staff and others very seriously and is taking every attainable measure to protect our employees from a potential incident.”  

What is a critical facility? 

NERC defines a critical facility as “one that, if rendered inoperable or damaged, could have a critical impact on the operation of the interconnection through instability, uncontrolled separation or cascading failures on the Bulk Electric System.”

Page Last Updated: 8/24/2015 10:39 AM