Addressing Tailgating Vulnerability at Substations

Tailgating or piggybacking access gates at substations

Access Gates at substations cannot control how many vehicles enter. This type of gate violation is a CIP vulnerability referred to as “tailgating” or “piggybacking.”

Electrical substations are subject to a number of unique security challenges and safety concerns. Identifying and addressing these concerns is the objective of the Critical Infrastructure Protection (CIP) program regulations from the National Electrical Reliability Commission’s (NERC).  As part of the efforts mandated in CIP-014, transmission owners/operators of substations will likely identify the vulnerability of substation access; managing the movement of people to and from substations and other areas for which they have authorized access.  Transmission and distribution substations have the added complication that they are often remote and typically unmanned.  Some form of security system is typically in place to help manage this access, however, one of the biggest weaknesses of a typical access control system is the fact that it can control opening a door or gate when an access card is presented, but it cannot control how many people or vehicles actually enter the building or site location behind the authorized card holder.  This type of gate violation is a CIP vulnerability referred to as “tailgating” or “piggybacking.”  There are several approaches to counter this vulnerability, one of which is tailgate detection utilizing intelligent video.

What is Tailgating?

Tailgating can occur at any type of entrance, such as a building exterior entrance, access to a room or a roadway entrance into a remote site.  Both vehicles and humans can be the cause of the tailgate event.   For the sake of brevity, let’s limit our discussion to the issue of tailgating at a gated vehicle entrance, understanding that there are many other locations and situations where tailgating can occur.

From a pure definition standpoint, the problem actually has two forms; tailgating and piggybacking.  Piggybacking is a situation when an authorized vehicle accesses a restricted area, and intentionally allows another vehicles or person to enter.  This could be out of courtesy, or they may recognize the second vehicle / person and consider them authorized for entry.

The second form of the problem is “tailgating.”  Tailgating occurs when a person or vehicle follows an authorized vehicle into the substation without the knowledge of that authorized person. This typically occurs by entering the area after the authorized vehicle has left the area, but the gate is still in an open state

The nuances between the two definitions are important for corporate security policy and communications, but from a video detection standpoint, both can be treated the same and the terms are used interchangeably.

The Cost of Non-Compliance

Tailgating and piggybacking carry both tangible and intangible costs.  They include loss due to equipment or intellectual property theft; cost of vandalism, physical loss and emotional impacts of workplace violence, costs from compromised safety conditions and the intangible effect of complacency.   For electrical and power generating facilities subjected to NERC CIP-014, tailgating is a potential physical vulnerability which must be addressed under Requirement R5.1, so it also carries the added responsibility of complying with the mandate.

Tailgate Detection Using Video Analytics

Tailgate Detection System using Video Analytics

Tailgate Detection System using Video Analytics

Utilizing video analytics as a means of detecting tailgating is a fairly straightforward architecture.   In the case of a vehicle entrance, a camera is mounted in a location where it can see the entrance.  The video is then made available to an intelligent video algorithm, which may reside in the camera or in a small edge device or computer.  The algorithm has the capability of analyzing the video in real time for the occurrence of people and vehicles that pass through the entrance.  By adding status information from the access control system, the algorithm can identify and provide alarms for tailgating events.

The underlying premise of the algorithm is the detection of more than one target passing through a defined entrance area for a single “authorized” event.  Events can include:

  • A vehicle entering directly behind an authorized vehicle,
  • A vehicle entering after an authorized vehicle has entered/exited and moved away from entrance,
  • A vehicle entering while an authorized vehicle is exiting, or
  • A person (non-passenger) entering with an authorized vehicle.

It is important to note that it is not necessary to integrate the intelligent video capability with an enterprise level access control system, consisting of badges and credentialing.  For those sites where authorized access is managed by possession of an appropriate key or a similar system, a simple contact on the gate can be used by the video analytics as an entrance event to detect tailgating.

Keys to success

Video-based tailgate detection is extremely flexible in terms of installation options, but there are some keys to ensure performance of the system.

substation security - detecting tailgating and piggybacking

Properly installed systems cover a view that encompasses multiple forms of tailgating or piggybacking

A view of the entire entrance –  Successful systems cover a view that encompasses the various forms of potential tailgating or piggybacking; vehicle entering via the opposing lane, or a person slipping in very close to edge of the entrance, etc.  Ensuring the video encompasses this entire region can eliminate missed intrusions.

A view perpendicular to entrance – Often times tailgating or piggybacking, can occur in very close proximity to the authorized vehicle.  As such, having a view perpendicular to the entering vehicle allows for imaging the gap between targets.  This gap, along with object classification techniques, can then be used by the algorithm to understand the difference between two vehicles in close proximity, versus a large truck.

Proper mounting height – If opposing tailgating (e.g. a vehicle attempts to enter, while an authorized vehicle is exiting) or side-by-side tailgating (e.g. a vehicle attempts to enter alongside an authorized vehicle) are concerns, the camera should be placed high enough so one vehicle does not obstruct the other, allowing the video analytics to easily detect the existence of multiple targets.

Advantages of Intelligent Video

The use of video in detecting tailgating is advantageous for several reasons:

  • Easy add-on to existing gates and entrances.
  • Does not require an enterprise level access control system to be effective
  • Highly accurate in detecting both tailgating and piggybacking,
  • Unobtrusive in appearance, and can double as a visual deterrent
  • Accommodates various sized vehicles
  • Does not require separate emergency exit, as do some deterrent measures
  • Relatively inexpensive. It can be an extension of an existing security system and can be installed using wireless and solar power methods.
  • Doesn’t require constant monitoring/streaming – Alarms are sent as conditions arise.

Summary

Video Analytics to mitigate tailgating security vulnerabilities at substations

Video Analytics is one method to mitigate tailgating security vulnerabilities

Tailgating and Piggybacking are common security issues faced by every institution.  It is especially problematic for substations and distribution sites which may be remote and unmanned.  Further complicating the matter is the idea that allowing such an event to occur often happens out of simple act of courtesy by an authorized entrant.  These events carry with them the high potential of tangible and intangible costs, from a security and a safety aspect. Solutions do exist for both deterrence and detection, including the use of video analytics.  Implementation of a video based solutions is flexible, reliable, detects various forms of the intrusion and can be installed affordably.  It is also a viable solution to intrusion vulnerabilities that may have been identified by assessments associated with your NERC CIP-014 process.

You can learn more about protecting critical facilities in our white paper

 

This entry was posted in Perimeter Surveillance, Video Analytics, VMS and tagged , , , , , , , , , , , , , , , , , , , , , . Bookmark the permalink.