NERC CIP-014 Compliance Guide - Senstar

Senstar LM100Perimeter intrusion detection(accelerometers in luminaires)FiberPatrolFence-mounted perimeter intrusion detection(fiber optic cable)Wireless GateSensorGate protection (accelerometer)UltraWaveGate and area protection (microwave)Video analyticsDetect and track intruders and vehicles near, at, andinside the perimeterDETECTSenstar LM100 Hybrid Perimeter Intrusion Detection and Intelligent Lighting System protecting anelectrical storage yard.

NERC CIP-014 Compliance Guidesenstar.comASSESS, COMMUNICATE AND RESPOND TO SECURITY THREATSSenstar’s video management software (VMS) and video analytic technologiescomplement perimeter sensors by providing assessment, communication, andresponse capabilities:FUNCTIONPRODUCTBENEFITASSESSAll SenstarsensorsZone or distance-based locating. DirectPTZ cameras to intrusion location.Senstar LM100Uniform lighting along the perimeterenhances the assessment value of videocamerasSenstarSymphony VMSCamera callup, auto-PTZ and videoanalytic overlaysVideo analyticsIdentify vehicles and people via licenseplate recognition and face recognition Efficiently monitor hundreds of remote substations from a central location View surveillance video from all major camera manufacturers, including videofrom low-light and thermal devices Employ video analytics to enhance monitoring capabilities while reducingoperator requirements Use sophisticated intelligent search for post-incident analysisSTREAMLINED VIDEO MANAGEMENTCOMMUNICATEThe Senstar Symphony VMS enables operators to control their entire videosurveillance system from a central location. Operator features include:SenstarSymphony VMSStreamline display of alarm, video, andlocation dataRESPONDSenstarSymphony VMSProvide response forces with key data,including mobile apps, and accuratelocation information Integrated sensor, video analytic and access control events On-site I/O device control, including 2-way intercoms Automated detection and tracking of vehicles and peopleMOBILE SUPPORT FOR ON-CALL STAFFSenstar Symphony can support on-call staff with avariety of functionality from their mobile device,including email/SMS alerts (with captured images),access to individual cameras, and on-device videorecording.Symphony’s Alarm Console links sensor, video analytic, andaccess control events to multiple cameras, a graphical map,and event-specific instructions.

NERC CIP-014 Compliance Guidesenstar.comEQUIPMENT AND SOFTWARE DESIGNED FOR ELECTRICAL UTILITIESIn addition to effective assessment and response tools, energy utilities require scalable solutions that are suitable for deployment across large numbers of sites, areultra‑reliable, maintain a low nuisance alarm rate, and incorporate robust architectures that avoid downtime and unscheduled maintenance visits.MADE FOR HARSH CONDITIONSSenstar sensors are designed for use in harshenvironments. The outdoor equipment is designed tooperate across a wide temperature range (typically –40to 70 C / –40 to 158 F) and includes advancedalgorithms that minimize nuisance alarms generated bywind, rain, and snow.ON-SITE FAULT TOLERANCESenstar sensors include support for bi-directional loopnetworks, redundant processors, power supplies andnetwork connections, so that a failure of one componentor sensor does not bring down the entire system.REMOTE MANAGEMENT AND LOCAL FALLBACKSite sensors can be managed by the Senstar RuggedController, designed for use at unmanned sites. It offersremote management, WAN/SCADA support, and localfallback capabilities to simplify administration and toprovide local fallback if network connectivity is lost.NO-MAINTENANCE VIDEO APPLIANCESenstar’s Thin Client provides a simple, low-cost way todisplay live and recorded video, as well as export videoto common formats for post-incident analysis. Thecompact Linux appliance requires no maintenance orregular software updates, making it an easy way to bringsurveillance video to those who need it.SCALABLE, MULTI-SITE VIDEO MANAGEMENTSOFTWAREThe Senstar Symphony VMS uses a scalablearchitecture that offers a feature set ideal for criticalinfrastructure operators: Edge storage – Video may be stored on-cameraor edge devices to prevent the loss of criticalvideo if network connectivity is disrupted. Licensing – Per-camera licensing makesSymphony ideal for gradual rollouts, as additionalcameras can be added as required. Videoanalytic licenses are moveable – existing licensescan be repurposed to meet changing securitydemands. Built-in failover – Symphony includes support forredundancy and failover without the use ofexpensive Microsoft Clustering.CLOUD-BASED DEVICE MANAGEMENTThe Senstar Enterprise Manager enables systemadministrators to centrally manage large numbersof video cameras and other security equipment.From a web-based interface, administrators can: Monitor the health of the video surveillancesystem Automate software and firmware updates Quickly identity offline cameras

senstar.comNERC CIP-014 Compliance GuideCIP-014-2 PHYSICAL SECURITY SAMPLE PLANSiteRemote Transmission SubstationPhysical threatsCopper theft, vandalism, sabotage and trespassingOperational threatsUnauthorized access to outdoor equipmentUnauthorized access to buildings and indoor systemsGeneral deterrence practices Security lighting Automated PA system Perimeter signage and warnings Overt video surveillance 2-way intercoms at OMMUNICATIONRESPONSECut, climb or lift fence fabricSecurity fence or wall withoutriggingFence sensorHigh quality andmaintained securityfence or wallSurveillance systemAutomated electronicnotificationsLocal securityforcesPerimeter lightingOutdoor people tracking analyticPA systemClimb gateSecurity gate with outriggingFence or gate sensorPerimeter lightingOutdoor people tracking analyticHigh quality andmaintained securitygateSecurity hardwareFence or gate sensorSecurity hardware2-way intercomLatch contactSurveillance systemOutdoor people tracking analyticBelow-ground fence structureFence sensorHardened surface (e.g. concrete)Outdoor people tracking analyticPA systemBreak or bypass gate lockTunnel under fence or gateSurveillance systemHigh quality andmaintained securityfenceHardened surface(e.g. concrete)Firearms and explosivedevicesBallistic fencing/wallsOutdoor people tracking analyticLadder-assisted climbSecurity fence with outriggingFence or gate sensorPerimeter lightingOutdoor people tracking analyticHigh quality andmaintained securitygateFence or gate sensorSecurity fence or wallAudio sensorsPA systemVehicle rammingSecurity fence or wallOutdoor vehicle tracking analyticElevated position perimetercrossingSecurity fence or wall withoutriggingOutdoor people tracking analyticAccess via false ormisappropriated credentialsAccess control systemSchedule-based accessSurveillance systemLicense plate and/or face recognitionanalyticsSecurity fence or wallwith outriggingSecurity lighting2-way intercomEmailSMSMobile app)Site security eventslinked to specificprocedures andcontact information

NERC CIP-014 Compliance Guide1senstar.comDETECT INTRUDERS AT THE PERIMETEROutdoor People and Vehicle Tracking AnalyticIdeal for sites with comprehensive surveillanceinfrastructure3Senstar LM100Ideal for new sites or those requiring security lightingFiberPatrolFiber optic sensor, ideal for sites with existing security lighting1FlexZoneIdeal for sites with existing security lighting2MONITOR GATES AND OPEN AREASSliding GatesMonitor gate activity with Wireless GateSensorSwinging GatesAttach FlexZone, FiberPatrol, or SenstarLM100 directly to gate panelsOpen AreasMonitor open areas with UltraWavemicrowaves23TRANSFORM PASSIVESURVEILLANCE INTO AN ACTIVE RESPONSESymphony supports cameras from all major manufacturers, includinglow-light and thermal models: Fixed cameras – Use outdoor video analytics to detect intrudersoutside and inside the fenceline PTZ cameras – Apply PTZ tracking analytics for hands-free camera controlIntercoms – Use 2-way audio to deter intrudersDevice control – Trigger local deterent mechanisms, including securitylights and pre-recorded messagesAlert on-call staff – Provide on-call security staff with access to alarms,photos and video feeds, and mobile recordingIdentify people and vehicles using license and face recognitionanalyticsVersion: R2-E-01/20Copyright 2020. All rights reserved. Features and specifications are subject to change without notice. The Senstar name and logo, FiberPatrol, and FlexZoneare registered trademarks of Senstar Corporation. UltraWave and the Senstar LM100 are trademarks of Senstar Corporation.

NERC CIP-014. Compliance Guide. The purpose of the NERC CIP-014 reliability standard is to protect electrical . facilities from physical attacks that could threaten the stability and operation of the electric grid distribution system. Requirement R5 man