Utility substations and power distribution equipment are attractive targets for malicious actors looking to cause widespread harm to critical infrastructure.
Nearly every developed country is more dependent than ever on reliable electric power for residential, commercial and industrial use. Natural disaster, physical attack, and equipment failure are a few basic threats that can all result in widespread power outages.
The damage caused by these outages are felt by consumers and can have significant impact on the economy and could jeopardize national security.
Why are substations important?
Electrical substations are dangerous, complex facilities that deliver power to very large areas, serving thousands of customers. They are typically owned and operated by an electrical utility, or large industrial facilities.
As part of the larger electrical grid, transmission substations convert high-voltage electricity that travels across long-distance transmission lines to distribution substations that lower the voltage for use by homes and business. Several substations within a service region may be interconnected to facilitate switching and re-routing of power as needed.
What are the risks to substations?
Substations are commonly left unattended and rely on computer-based monitoring systems for remote supervision and control. Damage or disruption to these facilities can have wide-ranging consequences to society and the economy in repairs, fines, and other expenses.
The vulnerable state of the power grid has been a recent topic of discussion among professionals in the electrical industry. Its clear that critical infrastructure, such as generating stations, transmission lines, and substations present attractive targets for malicious actors.
1. Typical Vandalism
Some substation security threats are fairly simple. Incidents of break-ins related to material theft are a common occurrence. Sometimes a disgruntled employee or activist group may deliberately sabotage equipment to disrupt local operations.
Vandals may break into a substation to cause mischief, while thieves might enter a facility to steal copper or other high-value equipment. Due to the dangerous nature of these facilities, the law of natural selection tends to correct simple theft on its own. Trying to steal energized copper generally never ends well, even if you manage to survive.
2. Extreme Weather Events
Natural events such as severe weather, floods, wildfires, or extreme temperatures can damage substation equipment. The utility industry is especially vulnerable to these types of threats.
A 2021 industry report ranked utilities as the most at risk from climate hazards as severe weather incidents occur more frequently across the world. Its estimated that over 50% of transformer failures are caused by external factors such as weather-related events.
Older transformers and aged service equipment are starting to deteriorate, making them more susceptible to failure. This makes the need for new units more important than ever to protect from severe weather and storm-related damage.
3. Coordinated Physical Attacks
The electrical grid has been physically attacked at least six times across the United States in 2022, prompting a response from law enforcement as well as the utilities responsible for maintaining critical infrastructure.
There were two substations in Moore County, North Carolina that were broken into and damaged by gunfire. An estimated 40,000 residents were without power for several days. A short time later, several more substations were attacked across Oregon and Washington.
Attackers used firearms in some of the incidents and many power customers experienced at least brief service disruption as a result. This was the second string of organized attack in the United States where a group of individuals successfully damaged a substation.
The first major incident occurred in 2013 when PG&E’s Metcalf substation was attacked with gunfire near San Jose, California. An organized group fired 100+ rifle rounds inside the substation, causing an estimated $15 million in damage.
4. Cyber Attacks
As substations continue to play an important role in monitoring and control of the power grid, Cybersecurity is becoming a critical issue for the electrical industry. Simultaneous cyber intrusions into multiple substations can lead to severe cascading events, resulting in catastrophic power outages and potential blackouts.
Substation facilities generally rely on computer-based monitoring systems for remote supervision and control. Remote sites that remain unprotected and unmonitored are extremely vulnerable to attack and the disruptions can be costly to the utility and customers they serve.
Several of the existing supervisory systems have been pieced together over time and are running on an outdated operating system. Little attention is given to these systems because they “just work” and can be expensive to upgrade, requiring expert technician labor that is in low supply.
a. GOOSE Messaging
Cyber intrusions related to communication protocols may cause serious damages to the power grid but are often an afterthought. The original substation automation standard, IEC 61850, did not include cyber and information security features for substations.
Attackers could modify Generic Object Oriented Substation Event (GOOSE) control messages and operate circuit breakers in a substation. Its also possible to send malicious protection coordination messages to other substations.
b. Denial of Service
Along with data packet alterations or sniffing, cyber attacks based on denial of service (DoS) mechanisms and the use of viruses/worms can cause serious disruptions. A DoS attack prevents authorized users from performing regular or emergency services.
This type of attack can destroy the capability of control systems or the ability to operate the system entirely. It works by overwhelming system resources with excessive traffic or sending information that triggers a crash.
c. Virus/Trojans
Stuxnet is a computer worm that was originally aimed at Iran’s nuclear facilities and has since mutated and spread to other industrial and energy-producing facilities. The original Stuxnet malware attack targeted the programmable logic controllers (PLCs) used to automate machine processes.
Even when the target has no connection to Internet, it is still highly vulnerable to this type of infection because the virus can be initiated by simple flash memory. Following a successful infection, Stuxnet updates itself using peer-to-peer communications among other infected computers.
d. Control Exploits
Project Aurora was a simulated cyber attack provided by the US Department of Energy’s Idaho National Laboratory, in March 2007. The project demonstrates how coordinated attacks on multiple power plants with the objective of damaging a large number of generators are serious threats to national security.
The intrusion was launched remotely on the control system of an electric generator. The cyber attack induced mechanical effects which caused a collision between the rotor and stator, resulting in a destruction of the windings.
e. Protection System Attacks
Protection relays are critical substation devices that are responsible for fault protection. Older relays will usually have only local serial access, but as intelligent devices evolve, remote access is enabled via Ethernet, allowing operators to perform tasks from anywhere in the world.
Remote access points and web servers make a substation vulnerable to potential attack. When these access points are compromised, malicious intruders can operate circuit breakers and gain access to critical information about a substation configuration.
Which substation equipment is most vulnerable to attack?
Substation attacks have caused millions of dollars in damages and left tens of thousands of people without power for days. A majority of electrical transmission & distribution assets are visible, accessible, unprotected and often located in remote areas.
The latest string of attacks on electric power substations demonstrate the need for physical security and continuous monitoring of remote sites.
1. Transformers
The main form of attack on transformers is to puncture the main tank with the goal of draining the insulating oil. Low fluid levels typically send the transformer into an overheated state, which should trip the unit offline via protection relays.
Other transformers on the system will pick up the additional load and may reach capacity, leading to elevated temperatures and reduced service life. If the protection system was to fail, internal arcing could lead to fire and explosion.
Recent supply chain disruptions have led to a shortage of raw materials needed for transformer production and repair. A lack of working transformer units puts the nation’s electric infrastructure in jeopardy.
Major oil leaks can also cause environmental damage if not properly contained. During the 2013 Metcalf attack, over 50,000 gallons of transformer oil spilled from the damaged transformers.
2. Bushings
Porcelain insulators are responsible for keeping energized components away from grounded components. When insulators fail, localized faults will occur and cause protection relays to trip the affected section offline.
Bushings are fragile components. If damaged or contaminated, leakage current will become excessive and eventually the insulation will flash over. Just about every component in a substation contains insulators including circuit breakers, transformers, and overhead bus work.
3. Transmission Lines
Pylons are often located in very rural areas and can be an easy target for aerial attacks. Insulators can be targeted with ballistics, and in extreme cases, small airplanes can be used to disrupt power transmission.
Residents in Maryland recently experienced a large power outage when a small plane collided with a 400kV line tower. Although an investigation found no criminal intent, crews shut down the line and worked through the night to rescue the survivors and repair the system.
4. SCADA / PLC Communications
Protection and control systems are extremely vulnerable to cyber attack as discussed in previous sections. Transmission towers may harness Wave Trap and Power Line Carrier (PLC) communications that can be disrupted along with substation fiber optic connections.
What are the potential impacts from a substation attack?
When a substation experiences a service disruption, the effects can be widespread. The impact of blackouts and other disruptions is felt by both customers and the utility.
1. Civil Impact
Traffic lights across large urban areas may instantly go dark, posing extreme risk to life safety for drivers on the road. Schools might close as a security measure, which causes disruptions in learning and parent schedules. A large number of residents may lose heat and may even require food assistance.
2. Municipal Impact
Government facilities that are not properly guarded against sustained power outage may experience computer failure and potential loss of records. The 2022 substation attacks in Oregon resulted in some of the Clackama County computer systems being knocked offline.
3. Economic Impact
A substation transformer change-out is a massive, complex job that utility companies never want to have to endure. Several reports have indicated that a single security incident can cost utility companies anywhere from $800,000 to $1.2 million in financial losses, on average.
Replacement of massive transformers require specialized crane equipment that is capable of safely lifting and moving each unit, along with specialized trailers to transport them. Crews often work long hours and through the night to swap transformers, while other crews work simultaneously to transfer power from other substations and re-energize customers.
What can be done to protect electrical substations?
In the past, remote utility substations have been unmanned and unmonitored. They have been protected only by a fence and signs that warn of the potential danger to trespassers.
In recent years, governments have been mandating the installation of more comprehensive physical security measures for critical infrastructure sites. This has prompted an industry wide response to develop new ways to protect remote substations.
1. Regulation
State legislators must work quickly to pass new laws and create funding for new regulations to harden distribution substations. Following the Metcalf attack in 2013, the North American Electric Reliability Corporation (NERC) created the reliability standard CIP-014, calling on utilities to identify critical substations and control centers and develop a response plan to potential security threats.
2. Basic Physical Security
Sometimes the most obvious solutions can get neglected. Regular inspection and human monitoring of remote sites can help identify potential threats before they are able to inflict damage.
a. Grounds Maintenance
Ensure that substation gates, fences, locks and similar perimeter security assets are in good working condition. This won’t necessarily protect against forced break-ins but it will help keep larger animals away from critical equipment.
A well-maintained location shows there is regular care and visitation to the site. Avoid leaving your substation neglected and overgrown as this will make it a more attractive target.
Look for signs that someone might be targeting your substation. Items like litter, bottles, disturbed ground, cigarette butts, or other signs of unusual human activity could indicate someone is actively patrolling the site and looking for opportunities.
b. Lighting and CCTV
Mischief tends to take place in the cover of darkness. Well lit grounds keep the perimeter visible for surveillance and will deter intruders who don’t want to be seen.
Many utilities have installed commercial-grade security systems and cameras that allow sites to be monitored remotely. While these systems offer an improvement, they can sometimes be unreliable and prone to harsh substation environments or attack.
c. Card Reader Access
Keeping a visitor log via electronic access is a cost effective way to keep records of site activity. Having authorized users swipe in and out will timestamp who visited the site should an investigation ever take place.
3. Advanced Physical Security
Some utility companies have been taking a different direction of looking into how to physically harden their critical substation assets. Transformers are generally the main focus due to their critical nature and long lead times.
a. Compact Apparatus
Gas-insulated switchgear has the advantage of a much smaller footprint, taking up less expensive real estate compared to non-gas installations. SF6 circuit breakers are also very reliable and require less maintenance than air blast or oil breakers.
With gas-insulated design, several components are incorporated within a closed gas tank. This protects against unwanted environmental matter, like dust, humidity, or animals, making gas insulated apparatus nearly maintenance free over the span of their service life.
Gas Insulated apparatus is more compact, robust, and can be protected by physical barriers much easier than air insulated design. Recent advances in SF6 alternatives allow for Eco-friendly transmission equipment in the 400kV range.
b. Concrete Walls
Replacing weak chain link fencing with solid concrete or cinder block walls can help deter from long range ballistic attack and make it much harder for intruders to gain access to a substation. It is easier to protect gas insulated equipment due to its size but can be susceptible to insulation leaks if the main enclosure is punctured.
c. Obfuscation
Substations can be built into facades within cities that resemble two story houses or small commercial buildings from the outside. Others sites can be tucked alongside a railroad, or under a freeway.
In some cases, substations can be so constrained by their environment that there is no room to fortify them in any fashion. New locations may need to be considered if other security measures are insufficient.
d. Shielding
Kevlar material is a surprisingly light bullet-resistant fabric. The low weight allows for convenient transport, minimal structural impact, and mobile practicality.
Ballistic panels and shielding made from Kevlar have been developed for easy installation around critical substation equipment. Special paint coatings and steel panels are also available from manufacturers to harden transformer installations.
e. Infrared Sensors
Security monitoring systems can easily be deployed with visual and thermal sensors. Working in harmony, the sensors allow operators to continuously monitor the health of high-value substation assets while also detecting potential security threats.
f. Gunshot Sensors
Data-driven tools can enable law enforcement to be more efficient and effective. A network of acoustic sensors can detect, locate and alert police to nearly all gunshot incidents.
Each acoustic sensor captures the precise time and audio associated with impulsive sounds that may represent gunfire. This data is used to locate the incident via triangulation and is then filtered by sophisticated machine algorithms to classify the event as a potential gunshot.
g. Autonomous Robots
“Spot” is an agile robot developed by Boston Dynamics that resembles a pet dog and can navigate terrain with unprecedented mobility. It embodies the latest advancements in robotics, allowing its users to remotely control and automate inspection procedures.
Robotic technologies like those offered by Boston Dynamics are a great choice to bolster security within substation grounds alongside traditional motion sensors, lights, etc. These type of robot are very agile, move quickly, and can be fitted with infrared, night vision, and a variety of deterrent systems.
Any type of alert from other security systems can be used to trigger a robot like spot to walk the grounds and provide live video feed to a remote monitoring facility.
Related
Siemens Pretact – Bullet resistant power transformers
ABB transformer resilience with minimized design impact
Report shows 6 intrusions at Florida power stations
Electrical substation vandalized causing thousands to lose power
String of electrical grid attacks in Pacific Northwest is unsolved
With 20 years of experience in power systems testing and maintenance, I am a seasoned professional dedicated to enhancing operational efficiency. I excel in improving processes, systems, tools, research, training, and technology implementation. Contact me to see how we can keep your systems running at peak performance.