Our Electricity Infrastructure: Built for a World That No Longer Exists
I see a lot of substations every year, and most of them have chain-link fences. I think chain-link fences are obsolete, but don’t take my word for it. IEEE 1402-2021, “IEEE Guide for Physical Security of Electric Power Substations,” includes the following statement: “A standard chain-link fence is easily cut, and most purposeful intruders use this method to gain access. Chain-link fences are therefore of limited value against this type of intruder.”
The length of delay offered by a plain 9-gauge AWG wire, 2-inch mesh chain-link fence is measured in seconds, not minutes. A reasonably fit person can climb an 8-foot fence with 2-inch weave and no top guard in 10 to 20 seconds. If you add a top guard that uses barbed or razor wire, extend the time 15 to 60 seconds.
So, why do we see so many companies still using these fences?
A March 2024 article published in T&D World stated that in “North America alone, it’s estimated there are over 79,000 substations in service, with an average age of these substations of around 40 years” (see www.tdworld.com/substations/article/21283499/digital-substations-intelligence-where-its-needed). In a 2014 update, the U.S. Department of Energy stated that the “average age of installed [large power transformers] in the United States is approximately 38-40 years …” (see www.energy.gov/sites/prod/files/2014/04/f15/LPTStudyUpdate-040914.pdf).
For the sake of argument, let’s accept that the average age of our substations is 40 years, or approximately two generations. That means half of our substations are even older. Typical substation security in 1985 was oriented toward safety – not security – and consisted of a chain-link fence 7 to 8 feet in height, a barbed-wire top guard, locks, and some signage and lighting. Detection and assessment capability typically did not exist. They were designed to keep the public out.
Since 1985, North America has seen a great number of changes. Which ones have impacted substation security?
Copper Theft
Global demand for copper has nearly tripled over the past four decades, from about 10 million tons to 28 million tons. The increase has been driven by rapid industrialization and urbanization in China, energy transition from fossil fuels to renewables, rapid urbanization in emerging economies and a global surge in advanced telecommunications.
Copper is very recyclable; there have been 550 metric tons of copper produced worldwide in the past 125 years, two-thirds of which is still in active use. In the past decade, 30% of the copper used annually came from recycled sources.
When people think of copper, they often think about electricity. Many of us also know that (1) a large amount of copper is used in substations and (2) most substations are unmanned. Copper is easily cut with commonly available tools, enabling thieves to sell it to recyclers with little risk involved.
The increased copper demand at our substations is noticeable. However, until the Electricity Information Sharing and Analysis Center (E-ISAC) recently began compiling statistics, there was no reliable data that aggregated substation intrusions. This lack of earlier reporting means that most information regarding intrusions and thefts was anecdotal, local and devoid of wider context. Often, unless it directly happened to you, little evidence existed upon which a security budget increase could be based.
Cutting Tools
Battery-operated metal-cutting tools received a boost in the late 2000s and 2010s due to the broad adoption of lithium-ion batteries. Cordless angle grinders and reciprocating saws became standard trade tools that were also available to thieves.
From 2019 to 2022, we saw an increase in the use of cutting tools to commit catalytic converter theft in mere minutes. The tools are also used to cut copper grounding cables and straps or chain-link fence fabric. Someone can cut a hole in a 9-gauge, 2-inch weave chain-link fence in one to two minutes. Because they make a lot of noise and produce showers of sparks, cutting tools are most often used in remote areas and other locations with slow police response times.
Cordless power tools are now considered a baseline adversary capability, not the equipment of a specialist.
2013 and 2022
Concerns about the physical security of substations may be a newer phenomenon than we realize.
Two attacks greatly shaped modern substation security: the Metcalf sniper attack on April 16, 2013, and the Moore County, North Carolina, shooting attack on December 3, 2022. After Metcalf, the Federal Energy Regulatory Commission ordered the North American Electric Reliability Corp. (NERC) to develop a physical security standard, which became CIP-014 for critical transmission stations/substations. Via E-ISAC’s physical security advisory group, the industry developed the Electricity Subsector Design Basis Threat, adopted in 2015. These steps catalyzed many upgrades at high-voltage sites.
The Moore County attack – one of several distribution-level attacks in late 2022 – highlighted that distribution assets generally aren’t covered by NERC’s physical security standard. California is one notable exception; the California Public Utilities Commission’s D.19-01-018 (2019) established state requirements for distribution utilities to identify critical assets and implement security plans.
What Should We Do?
Many security budget decisions are made by people who learned about substation design – including protective barriers – before they became a mainstream design driver. Utility leadership and engineering managers tend to be 47 to 50-plus years of age, and many utility employees are 55 or older. This indicates most current leaders began their careers well before 2013, when the Metcalf attack brought substation security into focus.
Even if every substation built from today forward uses alternatives to chain-link fencing, it is still the predominant fencing in the electrical sector. So, what should we do about it?
Every utility’s first step, if they haven’t done it already, should be to rank their assets from most to least critical. When evaluating security, start at the top of the list and work your way down.
Second, develop substation security standards for your organization that will ensure your most important assets receive the most security. When fences at your most important substations reach the end of their lives – typically around 20 to 25 years unless they are in a corrosive environment – ensure they are replaced with more secure alternatives. But do it earlier if you can.
Third, work with your engineering department. If copper grounding material is stolen from a substation, it will be replaced with what your company’s specifications call for, not necessarily what the security department asks for. Talk to the engineers and ask them to build modern secure fencing and copper grounds alternatives into substation specifications. If there is no copper available for harvesting, fewer intrusions will occur.
The last article I wrote for Utility Security, which focused on responding to substation intrusions, ended with, “It all starts with a meeting.” This is no different. Decisions about substation security are not made in the security department – they are made by operations and engineering employees.
We must talk to them about the threats we face, changes in the security environment and our options to treat facilities risks. We also must request that they adopt standards to increase delay times, allowing law enforcement to arrive before an intruder can enter the yard. Finally, we must stop using copper above ground to prevent these intrusions altogether.
About the Author: Ross Johnson, CPP, is president of Bridgehead Security Consulting Inc. (https://bridgeheadsecurity.com).