Are solar farm installers and operators being led down the wrong security path by their security installers?
Firstly, I would like to say thank you to the TPSO team for providing the opportunity to write a short article. (We’re honoured to have you write for us Chris………… Ed.)
I understand the theme this month is around security monitoring and response. In my view an area very often not thought about till after all the Gucci kit has been installed. Although as you will see the approach to installation is anything other than professional.
Monitoring and response I would consider to be a key element in any approach to security design. The reason monitoring and response are key is because the human element glues a physical environment design, coupled with the technical systems applied to that environment, together.
In this article I am using the example of solar farms and what I can only describe as a completely unprofessional approach I have witnessed by the security installation industry. Sadly, I have seen very much the same approach on more complex built-environment projects.
What are the security concerns for a solar farm? This question is asked when talking to clients about securing such facilities. After all, if you don’t understand what the threats are in a security context and how these threats arrive at the site, you are not going to be well placed to design a security system. That security system should seek to deter the opportunists, delay the determined whilst detecting the attempt, then communicating that message to the monitoring station, who hopefully know where in the world they are looking.
Assuming you have got that all aligned then the responding security officers hopefully are not so far away that they can’t respond and disrupt the event.
On the sites I have reviewed over the years it is clearly evident that none of this thinking about security as a system has taken place, leaving the clients assets exposed to significant losses. In addition to the physical losses from the sites and the associated costs, there are also the safety aspects to this poor security. Perhaps if an installer were to be prosecuted for a poor security design because that design failed to deter, detect or delay unauthorised access that resulted in a serious injury or fatality, we may see a different approach.
When I talk about a security system, I am not just referring to technology, but unfortunately, many in the security installations industry appear to think that way. For me, and many who have practised physical security in a wider context, a security system integrates the physical environment with the necessary technical systems, which are all supported by the human element that will monitor and respond to the technical systems when alerted.
So, with that in mind let’s look at what is seen as a typical ‘security’ installation to protect solar farms.
Clients have always gone for a fence, which is prudent as the solar strings are dangerous as they are always live. Typically, a stock fence that a farmer puts around a field to stop sheep escaping as indicated in the image below is what is found.
Why I ask, as this is certainly not recognised as a means to secure anything other than livestock from wandering? I have read Design and Access Statements by ‘green energy companies’ stating that a stock fence is a security fence, and unfortunately clients who are paying for the various consultant’s information just accept it. Now I would not try to build a large extension to my house without consulting a qualified structural engineer so why take security advice from organisations that are supposed to be specialist in renewable energy but certainly know very little about security?
Taking items away from a solar site in the middle of nowhere requires a vehicle, but there is no attention to monitoring the possible vehicle approach routes.
Below are a couple of examples of the types of CCTV installations that we find, and none of them appear to follow any recognised standards other than those Del Boy may have written.
The key issues for any CCTV installation are:
- what is it there to see and
- what conditions does it need to operate.
This information of course would be contained in the Operational Requirements (ORs) that would be developed by either the clients design team, or that elusive trade of professional security installers. Funnily, I have yet to ever receive ORs for any of the sites I have been asked to visit.
It must be remembered that solar sites tend to be in rural areas and illumination for CCTV is limited as white light tends to be prohibited by the various planning departments. This in itself not only poses an issue for the installed CCTV but also for any response officers, as they are effectively coming to a very dark site, assuming that they can find it.
Once the questions of view and illumination have been captured then the question of how images are recorded and transmitted to a monitoring station, so that the security response can react accordingly, need to be established. Most solar sites visited rely on a single mobile communications system and to cut corners we have found that installers lump the CCTV and alarm outputs into the stream that is also sending site management information.
The result of this is loss of transmission as no one appears to have informed the client that you need to assign priority to transmissions as you have a narrow bandwidth.
The consequence is that the monitoring stations invariably obtain a limited view of the site and as a result, response officers tend to be driving blindly towards a possible threat on a very dark site.
On occasions security installers deploy Perimeter Intruder Detection System (PIDs), this type of installation tends to resemble the arrangement shown in the image below.
Here a supposed Silver Standard company (an award given by a UK National body) installed break wire sensors. Pretty pointless as the fence fabric can be cut between the break wire sensors. This type of sensor was designed to be buried and detect an adversary digging under fence line but only if the actual line is severed.
Consequently, there is no alarm to alert anyone.
So now we have established that the basic perimeter controls are easily breached and reached in a vehicle carrying the adversaries and their tools. The physical control offers zero real delay against adversary teams. The technical controls applied are only at one layer and they are easily bypassed with virtually zero chance of detection.
So, the security installation has failed to deter, detect or delay even the most basic of adversary. What about monitoring and response?
Well, if nothing has been triggered there is no monitoring and so no response in terms of security. In the cases where I visited sites the intrusion and loss of property was only noticed when the maintenance teams turned up at the site because the site management system informs them that there is a drop in production.
The image below illustrates the result of one loss that was enabled by poor physical and technical security design. The procedural monitoring and response element does not stand a chance due to the negligence of security installation companies.
So before engaging cowboy or cowgirl security installation companies, come to a professional consulting company that can correctly design your security.
This approach will help you maximise your security but minimise the CAPEX and OPEX for security equipment. We won’t sell you a dream. Want to know more?
Please contact Design Security Ltd, an Independent Security Design Consultancy, at: email@example.com
Chris holds a BSc (Hons) in Social Policy and Criminology and is a Chartered Security Professional (CSyP). He runs Design Security Ltd which is based in South Wales and has extensive experience in assessing security requirements, as well as hands-on experience delivering security design for major projects, Chris personally worked on the main stadium for London 2012. He has developed Design Security Ltd portfolio of projects ranging from advice in hostile environments for Oil and Gas clients, through to writing strategic security papers for a UK-based financial sector client.