The Top Vulnerabilities of Power Substation Security Systems


The costs associated with security and safety breaches at power substations can range from damages and repairs to millions in lost revenue and, in the worst cases, loss of life. Substation security, in light of recent high-profile attacks, has become a hot topic for power companies and infrastructure stakeholders.

The key to securing your substation facility lies in both identifying the risks and vulnerabilities of each facility and taking proactive steps to mitigate them whenever and wherever possible.

The Most Common Threats to Substation Security

Copper Theft

By far, the most common threat to substation security today is theft. Many people fail to realize just how valuable copper is, or the lengths thieves will go to in order to steal it. Over the last decade, there have been countless reports of thieves going to great lengths to steal copper.

When this happens, the costs to replace and repair the damage are high, and the result is sometimes lengthy downtime. Due to its construction, copper is a prominent fixture in mission-critical elements likely to be found around the substation. Combined with substations' history of lax security and their often remote locations, this has made them an attractive target. In each instance, the costs of the copper theft alone can reach into the tens of thousands of dollars.

Copper theft isn't just a threat to the substation facility - it's also a threat to the thieves themselves. In order to steal copper, thieves are going into high-voltage areas with bolt cutters. If they happen to clip a wire that is active, they will most likely be severely injured and possibly even killed.

Malicious Attacks

Another emerging threat substations face on a regular basis is vulnerability to malicious attacks. One of the most prominent examples of this is the Metcalf substation attack in California. In the middle of the night, snipers began shooting out the transformers. The shooters were never apprehended, the damages cost upward of $15 million, and it took a year to repair the damage.

This attack showed the vulnerability substations have to gunfire - the pierced transformers drain out all their oil and burn up, costing thousands of dollars just in replacing each transformer. Critical systems lose power and everything that station serves is shut down.

The obvious impact coordinated attacks of this nature could have on our infrastructure, and the power grid as a whole, has government agencies in a number of discussions about what exactly should be done to address it.

After the attack on their Metcalf substation, Pacific Gas and Electric (PG&E) invested $100 million in upgrading security. Yet, one year later, the Metcalf station, a vital part of the Silicon Valley power grid, was attacked again. This time, thieves cut through the perimeter fencing and stole equipment from the site.

Cyber Attacks

One of the more pressing issues for substation security has to do with cyber terrorism. If a hacker is able to remotely connect to the equipment inside the substation, they could cause it to malfunction and overheat, or otherwise destroy it in some way.

This type of event has already happened with the damage done by the Stuxnet worm that attacked Iran’s nuclear centrifuges. However, with cyber terrorism from countries like China and Russia happening often, the obvious threat to our power grid is glaring. This is why the North American Electric Reliability Corporation (NERC) was commissioned to develop security regulation; in 2007 its Critical Infrastructure Protection (CIP) standards were adopted by the Federal Energy Regulatory Commission (FERC). Since that time, several different versions of the standards have been adopted, arriving at CIP-014-1, where we are today.

How to Mitigate Threats to Substation Security

The good news regarding many of these types of threats is that there are steps officials can take to mitigate them or, in some cases, eliminate them entirely.

Substations need a layered approach to security. Security should be separated on a zone-by-zone basis, with the following minimums:

  • Outer Perimeter Security
  • Inner Perimeter Security
  • Cyber Security

The technologies in each zone should be used in tandem with one another for space protection, intruder detection, and intrusion prevention. Some of the technological solutions being used in these cases are video analytics, gunshot detection analytics, outdoor motion sensors, vibration sensors, radar, and more.

When it comes to outer-perimeter security, a layered approach is a necessity. In the past, this was limited to a chain link fence and a padlock. That may have worked in the past, but it isn’t much more than a deterrent to criminals today. Today, companies should consider having a dual perimeter, along with the technology to sense, analyze, and track any intrusion threats that near the facility. In considering the attack on the Metcalf substation, and the fact that unmanned aerial vehicles are posing a new threat to substation security, some companies are discussing enclosing their substations entirely.

Minimizing Risks Moving Forward

Power companies are planning to spend hundreds of millions of dollars over the next decade, applying both physical and cyber security solutions to prevent attacks and accidents at substations. The key is to stay ahead of the curve on current risks, vulnerabilities, and threats while also keeping an eye on new, emerging threats that need to be proactively considered and planned for.

Having a secure substation means identifying the risks and vulnerabilities of each individual facility, and putting in place a security system and processes to protect against those issues. Homegrown terrorism threats aren't just a danger to a power company. They're a threat to the infrastructure of our country.

Real security of the national infrastructure won't come from only power companies spending money on security systems. It will come when local, state, and federal governments realize they are all stakeholders. Not only that, but the citizens themselves can be a layer of security, keeping a vigilant and watchful eye for suspicious activity near our critical power facilities.

When we realize we are all stakeholders, from the individual citizen, to the government officials, to the power company executives, we can start the discussion of truly securing our power infrastructure.






Ron Oetjen