Part One - External Security, Part Two Defending Your Plant
By Rich Merritt
Someday, your process plant may look like the Deloitte Cyber Centre in Amsterdam, a veritable fortress. The computer center is surrounded by a high fence, a guardrail and road barriers to keep vehicles from smashing through, pressure sensors in the parking lot to detect the movements of vehicles, infrared sensors and video cameras to track the comings and goings of people, computers that monitor the sensors looking for suspicious behavior, and multiple levels of security, starting at the front door.
For a visitor, getting all the way into the data centers inner sanctum server farm requires a guide, ID card, passing through multiple entry points and finally through a man trap door (one door opens into a tiny, glass-enclosed room, where you wait for security systems to open the second door). Security computers know who you are and where you are at all times. If the computer is unhappy with you, the man trap will hold you until security arrives.
Setting up such a system is a whole new challenge for a process control engineer. Yet, as security concerns escalate across the industry, you may be shopping for man traps soon. Table 1, Threats and Mitigation, describes the various problems you might face, and the security solutions that will work. Its up to you to decide if you have a high-risk chemical facility or a low-risk toy distribution center, and how much security you need.
In the old days, chain link fences and junkyard dogs were enough to scare off intruders and trespassers. But times have changed. If you have a plant that might be the target of terrorists, industrial spies, activists, the anti-this or anti-that group, disgruntled employees or sophisticated thieves, your security problems have increased a thousand-fold.
Fortunately, major control vendors are collaborating with security firms and integrating security functions with process control and building automation systems, so help is available. For example, ABB and Saab just agreed to combine automation and security for municipal and industrial sites. Honeywell integrates its own security equipment into its DCS, Invensys adds video from Industrial Video & Control Company to its DCS, and Emerson works with Cisco.
Soon, you will be able to monitor security at your chemical, water treatment, food manufacturing or other high-risk facility right at your HMI workstationsstarting with perimeter security.
On the perimeter
Lets start with fences around the plant. A good fence deters, detects and defends. However, a skilled person can still climb any fence. Research at Sandia National Laboratories shows that a highly skilled trespasser can get to the other side of a well-designed fence in about four seconds. Even unskilled trespassers, using screwdrivers as handholds, can get over most fences in 15 seconds.
The best you can expect from a normal industrial fence is a 40-second delay at the perimeter by using a series of fences, barbed wire, razor wire and other devices. This gives the system time to determine if there is an intrusion, notify the proper authorities, and delay the intruders long enough for security to respond.
Figure 1. A good fence should delay intruders for about 40 seconds, giving security time to respond. Sensors using fiber-optic cable, coax or taut wires, detect when somebody climbs the fence.
Some intruders, however, come right through the main gate.
Almost all high-risk plants have some sort of guard shack to stop vehicles for a check. But how much protection do you need? It probably depends on your assessment of the risk, or how much the Department of Homeland Security.
Keeping vehicles out requires barriers. The day we interviewed David Dickinson, senior vice president at Delta Scientific, terrorists bombed the U.S. embassy in Yemen. Delta Scientific had installed the barriers that kept the terrorists from getting too close to the embassy building. Although the building suffered minor damage and people in front of the building were killed, vehicle barriers kept the truck with its bomb from doing more extensive damage to the embassy. So, barriers work.
Today, at high-risk production and distribution facilities, more is needed at checkpoints than simply verifying if a person is authorized to enter, says Dickinson Security systems must be employed that stop a vehicle, even one weighing 15 tons going 50 mph, dead in its tracks. That vehicle must be stopped where you want it stopped. Figure 3 illustrates how a bollard barrier stops a vehicle (you can see video of this at http://www.deltascientific.com/vid_dsc600.htm)
Figure 3: STOP THAT TRUCK!
The most frequently used technique is to require a sharp turn immediately in front of the barrier. When vehicle speed is reduced by 50 percent, the "hitting power" is reduced by four times. Straight lines make for faster and easier approaches for vehicles, Dickinson says, so it's best to create curves on the access roads to your facility as a natural impediment to speeding cars or trucks.
One of the most effective barriers is embedded in the ground (Figure 4), with the barrier sticking up. It is lowered to allow passage of authorized vehicles. Bollards (Figure 5) can protect property, such a control room building, or other assets such as a parked tanker, tank farm or guard shack. Bollards can be rigid or can be raised or lowered to let traffic pass.
In cases where you cant completely surround critical areas with fences, you may need intruder detection systems.
Developments in video and infrared (IR) cameras are making it possible to monitor remote areas of the plant and remote sites, such as electrical distribution systems and transformers, or to respond to alarms from intrusion detectors.
Figure 4: POP-UP BARRIERS
Studies have shown that humans will lose interest and be unable to detect changes shown on screens if they are forced to stare for more than 20 minutes. In many cases, the first time operators or security personnel actually see what's on the monitor is when an alarm goes off. Then, if they want to see what happened in the 30 seconds or so before the alarm went off, they have to rewind the VCR or DVR.
Modern digital cameras have the ability to detect when an anomaly occurs--such as someone walking into the frame. The camera can trigger an alarm which will alert security personnel. Digital camera images can also be stored on a continuous basis by a video server, which can store as much video as you have disk space to use typically a month for four cameras, or 12 cameras for 10 days.
The Littleton Water Department in Littleton, MA, has facilities spread across the community, including a treatment plant, four wells, and three storage tanks. Our first step was to install intrusion alarms linked into our SCADA system, but this created a problem with false alarms, says Savas Danos, General Manager of the Littleton Water Department. Thats when we decided we really needed to see what was going on at our remote sites because it was a waste of time and money to physically check the site each time.
Figure 5: BOLLARDS BLOCK BEAUTIFULLY
Modern video surveillance systems also can be programmed to respond to events. Security personnel can configure the video system to automatically pan and zoom in to a specific location if an alarm occurs, such as to where they might expect to see an intruder's face. The pan and zoom procedure can be triggered by the camera system, the video server, a proximity switch, infrared detector, or any other input. And, because all the video is archived continuously, security can configure it so that all images from, say, 30 seconds to a minute before an event occurs be saved automatically in the event video clip. This eliminates the need to rewind a VCR, and allows security people to replay the event as many times as they need to analyze what happened.
"Video images of events can be put on any HMI screen, such as the building control system, security system or plant control system," says Rubin. "Surveillance is no longer limited to a bank of monitors in a security office. Today, video images from around the plant and from remote areas can be captured, viewed by anyone anywhere, and then stored as a permanent record on a disk."
Good perimeter security keeps bad guys from breaking into the plant. But what happens if bad guys get into the plant legally, right through the front door?
Security operations that use closed-circuit television (CCTV) analog cameras to monitor areas of the plant or building face a number of challenges. These systems require dedicated networks, and their images are stored on videotape. More of a drawback is the fact that the systems require security personnel to watch banks of monitors (frequently still black-and-white). Boredom and human physiology start to work against the effectiveness of such systems pretty quickly.
Studies have shown that humans will lose interest and be unable to detect changes shown on screens if they are forced to stare for more than 20 minutes. In many cases, the first time operators or security personnel actually see whats on the monitor is when an alarm goes off.
On the other hand, modern digital cameras have the ability to detect when an anomaly occurssuch as someone walking into the frame. The camera can trigger an alarm that will alert security personnel. These newer video surveillance systems also can be configured to pan and zoom in to a specific location if an alarm occurs. The procedure can be triggered by the camera system, the video server, a proximity switch, an infrared detector or any other input. Security personnel can save all the images of a particular event and replay them as often as necessary to fully understand the incident.
According to Stephen Lambright, vice president of marketing and customer services for wireless networks and services provider Apprion, industrial-grade video often is a less expensive way to monitor operations. Wireless is also making inroads into security. Lambright says that wireless wireless cameras can view locations that would be too risky or too expensive to trench or wirejust the kinds of remote locations that are attractive to intruders hoping to sneak past the guard shacks.
Wireless is also making inroads into security. Lambright says that wireless wireless cameras can view locations that would be too risky or too expensive to trench or wirejust the kinds of remote locations that are attractive to intruders hoping to sneak past the guard shacks.
Using applications such as Apprions ION Wireless Video Monitoring, security-conscious companies can integrate the the monitoring and management of both their IP-enabled security cameras and their wireless networks to strengthen security even more. This application enables network operators using a Web-based console or mobile device to monitor the status and network activity of any IP-enabled camera and the network availability of the link to that device. When a link to an IP camera is down, operators are alerted, and may be able to diagnose and resolve the issue remotely. After all, even the highest high-tech system is useless if its broken.
Good perimeter security keeps bad guys from breaking into the plant. But what happens if bad guys get into the plant legally, right through the front door? Thats another story.
Rich Merritt is a Control contributing editor.
Security at Geismar: Keeping Intruders Out
The Honeywell Specialty Materials chemical facility is located on the Mississippi River in Geismar, La. Its the largest production site for hydrofluoric acid in the U.S., a main production site for refrigerants and a showcase for modern security technology.
Figure 2. At Honeywells Geismar plant, radar tracks the movement of ships on the Mississippi and in the docks.
Honeywell protects the facility by employing a comprehensive defense in depth strategy that integrates physical, electronic and cyber layers with building automation, security and process control systems.
To keep intruders out of the facility, Honeywell Geismar uses several methods:
- Perimeter fencing (see figure 1 above) is equipped with coaxial cable for sensing and detecting fence disturbances such as vibration, cutting and climbing;
- Radar (Figure 2) tracks traffic on the Mississippi River and in the dock areas and alerts security if a vessel comes too close to the plant;
- Video cameras watch key plant areas to detect intruders.
Security data, alarms and camera images are transmitted on the same network used by the control systems.
From the physical perspective, Honeywell recommends an integrated solution that facilitates automated processes, giving users the ability to detect, deter, prevent and mitigate physical security threats.