Securing The Hydropower Energy Industry

Sign up to receive our blog posts in your inbox.



The hydropower industry converts energy from flowing water into electricity. Originally used for mechanical millings, such as grinding grains, today’s hydro plants produce electricity with turbines and generators using a dam, reservoir, or flowing river. This natural source of energy encompasses a wide variety of sizes and layouts, often remotely located, geographically large, and difficult to get to and maintain.
According to the U.S. Energy Information Administration, in 2018, hydroelectricity accounted for approximately 7 percent of total U.S. utility-scale electricity generation and 41 percent of total utility-scale electricity generation from renewable energy sources. 
Because the source of hydroelectric power is water, hydroelectric power plants are nearly always located on or near a water source. Swiftly flowing water in a big river, such as the Columbia River that forms the border between Oregon and Washington, carries a great deal of energy in its flow, the administration explains. Water descending rapidly from a high point, such as Niagara Falls in New York, also has substantial energy in its flow.
These sites and others like them pose several difficulties when it comes to security: from remote locations and harsh conditions to their mixed-use as a power source and recreational site or popular tourist destination, to their vulnerability as potential terrorism targets. 
Hydropower sites are large and challenging sites to secure, with the weather, natural disasters, and challenging locations vying with the potential threats of terrorism, vandalism, or simply wear and tear causing breakdowns that need to be repaired. 
The location of hydropower plants is a primary challenge to this energy source. Many hydropower sites present difficulties at the best of times, with hard-to-access locations by remote roads, or even by trams or cable cars.
Water also carries with it the inherent risk of natural disasters, from flooding issues that can damage sites or equipment or just make it impossible to reach; to drought conditions that impact the plant’s ability to make power; to seasonal variations that can make it challenging to maintain the security of the site. In the winter months, it can be nearly impossible to reach some sites due to snow that blocks access roads. 
In addition, hydropower sites that are also recreational areas or national parks must secure the power site from unauthorized access by vehicles or boats, yet at the same time to be able to tell if a boat that gets too close is a threat, or just a fisherman, for example. 
There can be many ways someone with bad intent could get to a site without being seen, so high-tech and often expensive security equipment is often the only way to effectively monitor it. Yet frequently the security operations centers are located miles if not hours away from the sites they are monitoring, making it difficult to respond to threats promptly. 
Whether from natural or unnatural causes, the impact of a disaster on a water site could have tragic consequences, taking out nearby towns, causing major flooding, and doing unimaginable damage. 

From design to maintenance, hydropower plants are a collaborative effort between several different stakeholders, from regulatory bodies to the U.S. Army. 
The Hydropower industry is primarily governed by the Federal Energy Regulatory Commission (FERC) Division of Dam Safety and Inspections (D2SI).
According to its most recent revision, “D2SI conducts periodic security inspections of projects based on the current threat conditions and as determined by the Attorney General and the Office of Homeland Security to ensure the security of FERC hydropower projects. These inspections determine if the licensees have implemented a security plan appropriate to site conditions and current threat conditions while remaining flexible enough to address elevated threat conditions. As a special focus of the Dam Safety Inspections, the FERC D2SI Engineer will evaluate the level of security, both physical and cyber, that is in place at facilities having the potential of causing significant to high consequences if attacked. … These security inspections are conducted in conjunction with the Dam Safety Inspections over the inspection scheduling cycle, or as special inspections are required.”
There are a series of FERC requirements, which, if not met, can lead to fines and the expense of fixing any issues the commission identifies. 
There is also the North American Electric Reliability Corporation’s NERC CIP, a collection of standards and requirements covering the security of electronic perimeters and the protection of critical cyber assets that applies to all energy companies, including hydropower. 
For new dams, the U.S. Army CORPS are heavily involved in construction, requiring security integrators to work closely in line with their plans. 
Sandia National Labs also gets involved with risk assessment for waterways technologies and helps give guidelines for security consultants to see the possible risks of sabotage and which assets are most vulnerable to attack.