Getting to Grips with... site security
The current threat level for international terrorism in the UK is classed as ‘severe', and damage or destruction to essential water services by extremist groups has the potential to threaten public health, disrupt services and even cause loss of life. What can be done to mitigate the risk?
by Chris Edwards, Account Development Manager, Siemens Building Technologies
Q: Which protection strategies should be considered?
A: It is vital for water authorities to drive a risk management strategy, which should be supported by governance and implemented by the board and senior management. All employees, contractors and suppliers should have a clear understanding of the risk management regime and be familiar with all related policies, practices and risk boundaries.
The best methodology for water authorities to safeguard themselves against security threats is to use a fusion of protective measures encompassing physical, personnel and cyber security. A multi-layered approach will deliver the optimum combination of deterrence and detection, and assist in the delay of any attack. It is imperative that procedures, measures and investments put in place are appropriate and proportionate for that specific situation. Even within the same authority, the needs of different locations will vary considerably; therefore priority must be given to ensure the security measures taken are relevant to the threat, rather than a ‘blanket approach’. A full risk assessment should be undertaken across individual locations to uncover potential vulnerabilities, understand the impact of intrusion or attack, and identify the optimum security response.
Q: What role can technology play?
A: Water authorities are often located on large and remote sites, creating vulnerabilities and making safety and security a key issue of concern. Therefore the key purpose of electronic security systems for this industry should be to deter, detect, delay and deny unauthorised intrusion and to communicate and control any security or hazardous incident.
A typical project scope might encompass: command and control solutions; wide area surveillance; perimeter and site intrusion protection; access control for people, contractors and vehicles; alarm management; fire detection and extinguishing; phased evacuation systems; and lone worker monitoring and asset tracking.
Q: What level of technology integration is needed?
A: The integration of multiple security technologies provides centralised situational awareness, improved information and intelligence, effective response to critical events and the proper co-ordination of resources. To achieve a fully protected infrastructure necessitates the installation of robust command and control platforms that improve protection across multiple sites, manage critical situations and enhance procedures. Centralised command and control platforms improve efficiency and enhance security and safety operations, whilst reducing risks. Operators are immediately prompted to take the correct action and the software will automatically set in motion a sequence of pre-agreed activities to ensure the right procedures are adhered to, as well as distributing essential information across multiple agencies.
Incidents can emanate from multiple sources such as system analytics or intruder devices, and an automated workflow or rules engine will prioritise the importance of these and alert operators in a number of ways. Alarm rules will also assist operatives in managing response times, actions and feedback. Exported video can be combined from multiple cameras into one cohesive flow of evidence for analysis and importantly, a full audit of all activity is automatically generated to provide a full incident report.
Q: How can remote locations be protected?
A: Appropriate protection for organisations operating in harsh and often remote environments involves implementing layers of security. Creating intelligence at the perimeter plays a major role in enabling proper control and situational awareness of the entire site. When this intelligence is integrated with other security technologies such as access control to restrict entry at gates, barriers and turnstiles, organisations are able to accelerate their response to critical events and manage risk before it escalates to a more serious incident.
Solar-powered solutions, such as infra-red beam systems and fence mounted protection, increase the viability of safeguarding perimeters that have previously been too difficult or cost-prohibitive to consider. They have a significant impact on situational awareness and the securing of assets and services. A recent example of the application of solar-powered perimeter protection is that of a major UK water authority which was able to save valuable construction time and money on the protection of reservoirs. A key challenge was the safeguarding of their widespread perimeters and numerous assets that would normally include the requirement for costly duct networks, together with the associated power supplies and cabling infrastructure. This innovative technology not only offers high level protection by creating a virtual detection wall that is both invisible and impenetrable, but also means that water authorities are able to accelerate their delivery programmes and forgo both the cost and time needed to install civils, power and communications.
Q: What about the cyber threat?
A: Minimising risk in the area of cyber security comprises both comprehensive security mechanisms and integrating security activities into the whole lifecycle. This means taking security considerations into account during development and engineering as well as service and operations activities. Comprehensive security mechanisms should combine physical and network security, and system and software integrity. Cyber security issues have been the subject of standardisation for some time, and Siemens plays an active role in all major organisations, including supporting the work of ISA-99, IEC 62443, DHS, BSI, WIB NAMUR and CLSI AUTO11-A2 to make sure that common cyber security standards are developed.
Q: How do I integrate legacy systems?
A: As many organisations have evolved over a number of years, there is often a mix of existing systems and technologies that needs to be integrated into a new, state-of-the-art control system. This will necessitate the creation of ‘soft’ interfaces, making it easier to integrate and reconfigure to adapt to change in the future, and operate from one single platform. A high knowledge base is required to address the technical complexities of this critical environment, as well as the necessary capabilities to operate effectively in a hazardous environment with full compliance to rigorous processes and procedures, and fundamentally robust Health & Safety policies and practices.
Q: How can Siemens help?
A: It is vital that life critical systems are fully supported by engineering teams who are trained to identify and interpret customer specifications, CDM requirements, relevant legislation and British Standards, and the impact on health, safety and the environment. Siemens is focused on the protection of people, communities and assets by delivering technologies that provide an effective response to emergency incidents, complete situational awareness, instant mobilisation and deployment of resources of procedures and personnel. We believe that better intelligence and information will save lives, protect water authorities and ensure business continuity across the UK’s vital services. We work with our customers using a systematic approach; one that includes the development of a clear technological roadmap to drive a coherent, joined-up and long-term safety strategy.
- Water management can improve your reputation The Carbon Trust's new Water Standard offers water intensive companies opportunities if they are willing to take practical... Read More >
- Project Focus: NI Water invests £14m in Belfast supply system A new 29km pipeline under construction in Belfast includes six major crossings which requires the use of trenchless... Read More >
- Blowing the whistle on water Given the public interest and health issues relating to the water industry, utilities and their supply chains need to... Read More >
- Interview: Black and Veatch's Mark Kaney Black and Veatch's new director of asset management for Europe, Mark Kaney, tells Robin Hackett how the company hopes to... Read More >
- Problem solving upfront: embracing digital technology Scottish Water is the latest water utility to make advances in digital engineering through the use of BIM technology,... Read More >
- Engaging 'returners' will boost women in engineering Ahead of International Women in Engineering Day, Safa Elbashir, Water Engineer at AECOM, says that one of the keys for... Read More >
- Managing infrastructure presents a growing digital challenge Mark Kaney, director of asset management at Sweco UK, calls for the water industry to support a deeper commitment to data... Read More >
- Comment: The future of asset planning in a data-driven world United Utilities' use of modelling software to analyse and predict deterioration in its sewer network is an example of the... Read More >