Designing Physical Security Monitoring for Water Quality Surveillance and Response Systems
Total Page:16
File Type:pdf, Size:1020Kb
United States Environmental Protection Agency Designing Physical Security Monitoring For Water Quality Surveillance and Response Systems Office of Water (AWBERC, MS 140) EPA 817-B-17-001 September 2017 Disclaimer The Water Security Division of the Office of Ground Water and Drinking Water has reviewed and approved this document for publication. This document does not impose legally binding requirements on any party. The information in this document is intended solely to recommend or suggest and does not imply any requirements. Neither the U.S. Government nor any of its employees, contractors or their employees make any warranty, expressed or implied, or assumes any legal liability or responsibility for any third party’s use of any information, product or process discussed in this document, or represents that its use by such party would not infringe on privately owned rights. Mention of trade names or commercial products does not constitute endorsement or recommendation for use. Version History: The 2019 version is the second release of the document, originally published in September 2017. This release includes updated component names (Enhanced Security Monitoring was changed to Physical Security Monitoring and Consequence Management was changed to Water Contamination Response), an updated version of Figure 1.1 that reflects the component name changes and includes the Advanced Metering Infrastructure component, an updated Glossary, updated target capabilities, and updated links to external resources. “Enhanced” was replaced with “Physical” in this document to avoid any implication of a baseline standard, and better describe the type of security. Questions concerning this document should be addressed to [email protected] or the following contacts: Nelson Mix U.S. EPA Water Security Division 1200 Pennsylvania Ave, NW Mail Code 4608T Washington, DC 20460 (202) 564-7951 [email protected] Or Steve Allgeier U.S. EPA Water Security Division 26 West Martin Luther King Drive Mail Code 140 Cincinnati, OH 45268 (513) 569-7131 [email protected] i Acknowledgements The document was developed by EPA’s Water Security Division, with additional support provided under EPA contract EP-C-15-012. The following individuals contributed to the development of this document: • Steve Allgeier, EPA, Water Security Division • Adam Haas, General Dynamics Information Technology • Alan Lai, Jacobs • Nelson Mix, EPA, Water Security Division Peer review of this document was provided by the following individuals: • Steve Clark, EPA, Office of Research and Development • John DeGour, EPA, Water Security Division • Dan Schmelling, EPA, Water Security Division • David Travers, EPA, Water Security Division • Mary Smith, Water Research Foundation • Brad Wilson, San Francisco Public Utilities Commisson ii Table of Contents LIST OF FIGURES ......................................................................................................................................................... IV LIST OF TABLES ........................................................................................................................................................... V ABBREVIATIONS .......................................................................................................................................................... VI SECTION 1: INTRODUCTION .......................................................................................................................................... 1 SECTION 2: OVERVIEW OF PSM DESIGN ..................................................................................................................... 3 SECTION 3: SITE SELECTION ........................................................................................................................................ 5 3.1 Establishing the Evaluation Framework .............................................................................................................. 5 3.2 Scoring the Facilities ........................................................................................................................................... 9 3.3 Determining the Cost of PSM Improvements ................................................................................................... 12 3.4 Prioritizing the Facilities ................................................................................................................................... 12 SECTION 4: PHYSICAL SECURITY EQUIPMENT .......................................................................................................... 14 4.1 Hardening .......................................................................................................................................................... 15 4.2 Intrusion Detection Equipment.......................................................................................................................... 15 4.3 Video Monitoring .............................................................................................................................................. 16 4.3.1 Cameras ..................................................................................................................................................... 16 4.3.2 Video Storage ............................................................................................................................................. 18 4.3.3 Hardware ................................................................................................................................................... 18 4.4 Video Analytics ................................................................................................................................................. 19 4.5 Commissioning .................................................................................................................................................. 20 SECTION 5: COMMUNICATIONS .................................................................................................................................. 21 SECTION 6: INFORMATION MANAGEMENT ................................................................................................................ 25 6.1 Developing Requirements ................................................................................................................................. 25 6.2 Evaluating Alternatives for PSM Information Management ............................................................................. 26 6.3 Designing a PSM Information Management System ........................................................................................ 26 6.3.1 Estimating Required Storage ..................................................................................................................... 26 6.3.2 Developing a Detailed Architecture .......................................................................................................... 27 6.3.3 User Interface Screens ............................................................................................................................... 28 6.4 Implementing a PSM Information Management System .................................................................................. 32 SECTION 7: PSM ALERT INVESTIGATION PROCEDURE ............................................................................................ 33 7.1 Developing an Effective Alert Investigation Procedure .................................................................................... 33 7.2 Developing Investigation Tools ........................................................................................................................ 39 7.3 Preparing for Real-time Alert Investigations ..................................................................................................... 41 SECTION 8: PRELIMINARY PSM DESIGN ................................................................................................................... 43 RESOURCES ................................................................................................................................................................. 45 REFERENCES ............................................................................................................................................................... 49 GLOSSARY ................................................................................................................................................................... 50 APPENDIX A: DETERMINING DETECTION AND DELAY SCORES USING PATH ANALYSIS ......................................... 55 A.1 Developing a Scoring Rationale ....................................................................................................................... 55 A.2 Determining Paths ............................................................................................................................................ 55 A.3 Scoring Each Path............................................................................................................................................. 56 iii List of Figures FIGURE 1-1. SURVEILLANCE AND RESPONSE SYSTEM COMPONENTS ............................................................................. 1 FIGURE 3-1. COST AND RISK SCORES FOR THE EXAMPLE FACILITIES ........................................................................... 13 FIGURE 5-1. SRS COMMUNICATIONS SYSTEM DEVELOPMENT PROCESS .....................................................................