Skip to content Skip to footer

Why it’s time to think about the cyber-physical security of electrical infrastructure

Electrical Review Logo

Steve Green, Business Development Manager at Genetec, explores the importance of both physical security and cybersecurity in protecting unmanned electrical and power infrastructure. 

Securing or monitoring access to electrical and power infrastructure presents a unique set of challenges, both physical and cyber. Unlike data centre operators, energy and utilities providers can’t rely on closely guarded access to dedicated facilities to keep the organisation safe. Instead, they require constant oversight of a huge range of assets, over a wide geographic area, that is frequently unmanned. These can range from larger sites, such as substations, down to the individual cabinets that are found on public streets.

In each case, the emergence of the Internet of Things (IoT) offers new possibilities for the reliable monitoring of any form of unmanned power infrastructure. For example, it can simplify the secure granting of real-time access and automate the creation of records detailing who had access to what, when, and for what period. However, this intelligence can only be appropriately harnessed, and the physical and cybersecurity threats appropriately addressed, when all the information from a range of IoT sensors is made available through a single unified security platform. 

Physical security

For restricted security areas, a multi-layered perimeter protection strategy is needed. A combination of different sensors and technologies should be relied upon to protect the boundary, which should comprise the holistic site and property perimeter, as well as the internal perimeter, so that all is not lost should one method fail.

For example, radar and LiDAR can be helpful for any perimeter where entry and exit needs to be controlled and monitored. Automatic Number Plate Recognition (ANPR) can alert users to unverified vehicles that approach any facility and can be linked to lists of high-risk vehicles known to the authorities. All these systems will give operators more of the tools required to prevent and delay intrusion, however, when these devices start to work together you create better informed incident reports.

In isolation, any one sensor will have its limitations. But by combining them it is possible to build a resilient system that is difficult to defeat. With a unified solution, operators can get a better overview of all their security devices. Being able to collate information from different devices in one place removes blind spots created by moving between separate, siloed systems. It is built from the ground up, incorporating existing IoT security hardware, and has the flexibility to integrate more hardware when upgrades are required.

Operational efficiency

When using different devices to gather information, incoming reports can be overwhelming. Unification makes it easier for teams to connect the dots between events and cross qualify intrusion alerts enabling communication between disparate systems. Merging data into one report is a key advantage of a unified system.

For instance, if a sensor around a substation is triggered, operators can seamlessly check their video streams in the mapping module to get a broader view of the situation and confirmed location. This makes operations more efficient as operators remain in the right place to gather more information for quick decision making. It will also drastically reduce the time wasted on investigating false alarms.

Cybersecurity

Globally, cyber-attacks are increasing in frequency and severity. By the end of this year, the expected worldwide cost of cybercrime is $6 trillion, and this figure is expected to go as high as $10.5 trillion in 2025.

IoT devices such as IP surveillance cameras have become a top target for cyber criminals because of their relatively high computing power and good internet traffic throughput. Indeed, out of date devices, or devices that have been configured poorly, are an easy attack point for hackers that want access to an organisation’s network.

It is therefore essential that energy firms choose security vendors they can trust and who keep cybersecurity and privacy in mind from the early design stages. Moreover, it is crucial they follow cybersecurity best practice and maintain the health of their systems. A unified solution can help organisations achieve this, as it alerts operators on when hardware is going out of date, or if its health is posing a risk. Early warnings like this can be achieved without compromising security functions.

Conclusion

With the advent of new technology changing the way that unmanned energy infrastructure is kept secure, firms must reinforce their best practices to keep their sites protected. The introduction of IoT devices means little if they are unable to communicate with each other and bring the right intelligence back to the operator. Deploying unified solutions and working with partners who have a proven track record will keep security teams on top of the threat and provide more reliable security for critical industries.

Steve Green

Business Development Manager at Genetec

Top Stories

Electrical Review is the go-to source for electrical engineers, with more than 150 years of dedication to the industry.


© SJP Business Media.