The implementation of security systems in manufacturing and industrial facilities represents a growing market. Opportunities continually emerge as technologies advance and customer demands for security evolve.
Before discussing best security practices, however, contractors must understand the risks at industrial facilities.
“Industrial facilities don’t have quite the exposure to the public that institutional and commercial buildings do, but management still has the primary responsibility to safeguard against workplace violence,” said Dick Sem, CSC, CPP, president of Sem Security Management, Trevor, Wis.
The Occupational Safety and Health Administration (OSHA) defines four types of workplace violence sources: anonymous, third-party criminals; authorized visitors; workers; and domestic violence “spillover.”
Other security issues at industrial facilities include an increase in recent years of bomb threats, the risk of theft and pilferage, and the need to secure information and intellectual property using both physical and IT security.
Aditionally, any industrial plant that handles certain types of chemicals must implement Chemical Facility Anti-terrorism Standards (CFAS) issued by the Department of Homeland Security (DHS). These standards establish risk-based performance levels and require covered chemical facilities to prepare security vulnerability assessments and to develop and implement site security plans, which include measures that satisfy the identified risk-based performance standards.
Another lesson to learn for those entering the industrial security market is that there are not as many hard and firm rules in the safety or environmental management arenas, Sem said. There are, however, many best practices to follow, such as the evolution toward card readers to replace mechanical lock and key systems, the use of electronic video and alarm systems to expand the range and capability of security staff, using local annunciation alarm systems and duress or panic buttons, and the designation of safe rooms or shelters to protect people during a security breach event.
Although there may not be as many standards in the industrial security market as in other segments, they exist.
“Within the power sector, the North American Electric Reliability Corp.–Critical Infrastructure Protection (NERC–CIP) lays out a set of cybersecurity standards that owner-operators of power plants and distribution systems must implement,” said Kevin Staggs, engineering fellow, Honeywell Process Solutions, Houston.
Further, NERC has the authority to level fines for noncompliance. In addition, the International Society of Automation (ISA) is developing a set of standards that will define the physical security requirements designed to protect an industrial facility’s cyber assets.
Need to know
For an industrial facility, security starts with barbed wire perimeter fences with padlocks and some intrusion detection alarm systems, Sem said.
“The facility could build on that to include cameras to monitor and record activity, electronic access systems that keep record of entries and exits and then move on to more complex sensors on fences to detect excessive vibration,” Staggs said.
More sophisticated systems include biometric access control, intelligent video systems that incorporate Internet protocol communication, and electronic visitor management systems.
In developing a facility’s security system, electrical contractors can offer their expertise and knowledge of safety and codes, Staggs said.
Sem added that it would be useful to partner with various security product providers and establish affiliations with security industry consultants. One is the International Association of Professional Security Consultants, San Francisco, whose members are not tied to any product or service.
“Partnerships with security experts would enable contractors to expand their offerings and leverage these relationships to demonstrate their ability to provide state-of-the-art, properly designed, and appropriate security systems,” Sem said.
Contractors can also partner with standards organizations, such as NERC and ISA, to learn more about specific industrial security needs.
“Facility operators count on contractors to ensure that security system installations are done safely and that the system provides the proper levels of protection,” Staggs said.
With the industrial market shifting from proprietary control and instrumentation systems to open architecture communication protocols, Staggs predicts a future set of cyber risks and the need for properly mitigating them.
“Industrial facilities will also require increased and improved physical protection and the need to deal with safety issues, providing contractors with growing opportunities in this market to leverage their expertise,” Staggs said.
BREMER, a freelance writer based in Solomons, Md., contributes frequently to ELECTRICAL CONTRACTOR. She can be reached at 410.394.6966 and firstname.lastname@example.org.