A variety of commercially available systems can be employed
to provide varying levels of security in the substation. Caution should be used
when employing sensing devices that are subject to erroneous activation due to
movements caused by animals, wind, seismic events, or vibrations. All wiring
for electronic security systems should be installed in a manner that will
ensure operational integrity and resistance to tampering.
Photoelectric/motion sensing
Perimeter systems using photoelectric or laser sensing may
be utilized to provide perimeter security. Overall area security may be
provided by motion-sensing devices; however, great attention should be shown in
the placement of these devices since animal intrusion alarms may become a
nuisance and sensors may be deemed ineffective.
Video surveillance systems
Video systems can be deployed to monitor the perimeter of
the substation, the entire substation area, or the building interiors. Systems
of this type require 24 h monitoring, which can be a costly alternative.Video
systems are available that utilize microwave and infrared to activate a
slow-scan video camera. This can be alarmed and monitored remotely and
automatically videotaped.
Building systems
One of the more common methods utilized is an intrusion
alarm on control buildings. These systems include, at a minimum, magnetic
contacts on all the doors, and have the provisions to communicate through the
existing telephone network or SCADA systems.
A local siren and strobe light may be located on the outside
of the building to indicate the alarm condition. The system should be capable
of being activated or deactivated using an alphanumeric keypad, keyswitch, or a
card reader system located inside the building. All siren boxes and telephone
connections should have contacts to initiate an alarm if they are tampered
with.
Computer security systems
Computer security systems can be subdivided into three major
components: identification, authentication, and auditing. Identification is
simply a login name or user identification (user id) to determine who wants
access to the information.
Authentication is the process of verifying that the person
logging in is who they say they are. Finally, the audit is an attempt to verify
that only authorized personnel are accessing the data through the use of
separate reporting and logging systems.
Passwords
Probably the most widely used and most common form of
protection is the user ID and password. All security systems, regardless of
their sophistication, begin with a user ID and password protection system.
However, working alone, they are also the easiest to break.
Keep in mind the following points:
a) Do not use personal information, such as birthdays,
names, etc.
b) Do not use common words or names.
c) Use at least four characters and preferably more.
d) Memorize them.
e) Mix symbols, numbers, and both upper and lower case
letters.
f) Change the password periodically.
g) Limit the number of attempts to enter a password.
Dial-back verification
This technique provides one of the best methods of
protecting a system from external access. The system is based on the intended user
first calling the equipment via modem, which initiates a dial-back response by
the equipment using a predetermined telephone number.
Although this technique provides increased protection from
external intrusion, it provides little protection from electronic intrusion by
those within the organization.
Selective access
This technique allows access for information purposes to a
large group while restricting authorization for modification of files to a
smaller group through the use of an additional password.
Virus scans
A computer virus is another form of electronic intrusion.
With the increased use of desktop and laptop equipment to access substation
equipment, it is possible that an infected computer could spread a virus to the
substation equipment. The introduction of computer viruses can be limited by
the following:
a) Employing virus scanning software.
b) Scanning all floppy discs prior to use on any computer
system.
c) Destroying all discs suspected of infection.
Encrypting and encoding
Where it is suspected that intruders may be able to defeat
the identification and authentication security measures and gain unauthorized
access to the computer, further protection may be warranted. The program or its
critical data can be encoded or encrypted to block access, even after access to
the computer has been gained.
No comments:
Post a Comment