Physical Security Threats to the Transmission and Distribution Grid, Part 1

While popular media continues to feature the ongoing cyber security threats to the electric utility transmission and distribution (T&D) grid across the globe, with recent cyber attacks in Eastern Europe, another T&D grid threat is looming on the horizon. Over the past 6 months, there have been repeated physical security attacks on utility T&D infrastructure in Eastern Europe and Southeast Asia. The unfortunate truth is that substations and power lines on the electric transmission system are particularly vulnerable to physical attacks, where large, high-voltage transformers are typically located in exposed outdoor conditions, and transmission towers can be seen stretching to the horizon.

Incidents such as the Metcalf Transmission Substation gunshot attack in 2014 and the recent transmission tower attacks in Eastern Europe have received significantly less attention in the media. However, they have been serious enough that the North American Electric Reliability Corporation (NERC) in 2014 released and revised Critical Infrastructure Protection-14 (CIP-014) regulations that require utilities to secure their infrastructure from physical and cyber security threats, as well as to identify and strengthen weaknesses in key substations.

Equipment Initiatives

In 2015, a group of eight U.S. transmission system operators (TSOs) announced a new initiative to speed their response to major physical attacks or other equipment failures on the transmission grid by establishing regional warehouses and inventories to long lead-time critical replacement technologies. Participants include American Electric Power, Berkshire Hathaway Energy, Duke Energy, Edison International, Eversource Energy, Exelon, Great Plains Energy, and Southern Company. These companies have committed to a memorandum of understanding to develop Grid Assurance, a limited liability company that will stockpile the critical equipment necessary to shield utility customers from prolonged transmission outages in multiple locations across the nation. Grid Assurance will own and provide participants and subscribers with timely access to an inventory of emergency spare transmission equipment that could otherwise take months to acquire.

Since the release of the NERC CIP-014 regulations in 2014, utilities are significantly more aware of potential threats and vulnerabilities in the grid. Aging infrastructure, natural disasters, and coordinated attacks on key substations are all major issues. Unfortunately, on the transmission grid, a single major attack or breakdown can have long-term regional or national effects on the United States. A recent 2015 industry survey looked at initiatives that over 200 TSOs have taken since the NERC ruling. Findings included:

• 49% of utilities have identified threats and vulnerabilities to critical assets, though 28% haven’t taken further action
• 42% of utilities surveyed have already developed physical security plans to address potential threats
• 40% have not taken any hardening measures to limit or prevent damage to critical assets in the last 2 years

While it is clear that TSOs are vulnerable to both physical and cyber security threats, the obstacles they face in terms of timely service restoration are daunting, to say the least. I’ll discuss these obstacles in Part 2 of this blog series on physical security.