Video integrates with SCADA system to improve security at Madison, WI, water utility

Feb. 23, 2009
On September 11, 2001, America was attacked by terrorists and the United States quickly acknowledged vulnerabilities at our airports, borders, food supply and water supply systems. Soon after, the government required vulnerability assessments (VAs) for all municipalities -- with large cities required to go first. In 2002, Madison Water Utility (MWU) in Madison, Wisconsin, underwent its VA and saw a need for video cameras at many locations, including 32 remote sites...

By Al Larson and Steve Rubin

On September 11, 2001, America was attacked by terrorists and the United States quickly acknowledged vulnerabilities at our airports, borders, food supply and water supply systems. Soon after, the government required vulnerability assessments (VAs) for all municipalities -- with large cities required to go first. In 2002, Madison Water Utility (MWU) in Madison, Wisconsin, underwent its VA and saw a need for video cameras at many locations, including 32 remote sites.

Two obstacles stood in the way of Madison meeting this need:
• Technology: Whose cameras, network and communication system? How can video work with our SCADA system?
• Money: Who will pay to protect Madison's water supply?

While this is a high level synopsis of the challenges Madison faced, many municipalities still face these same obstacles. Our experience shows that video security surveillance is possible over an existing SCADA network (Figure 1) at a reasonable cost, and that funding is available to cover most of the expense.

Figure 1: Video from 32 remote sites is sent via wireless to the central control room at the Madison Water Utility in Madison, Wisconsin. The video uses the same wireless link as the SCADA and access control system, and the video images appear on a Wonderware HMI system.Funding a Video SystemIn January 2007, MWU learned that the Department of Homeland Security had grant money available for security projects and that Madison might qualify to receive some financial assistance.

MWU replaced its dialup telephone system with MDS iNet 900 radios in 2002 and 2003. The system was installed with the intention to use it for the SCADA system, a door access system, and for video surveillance. The radio network had an potential bandwidth range of anywhere from 100K to 400K bits per second depending on configuration. Radio testing indicated critical links were in the 100K range. Any video surveillance system had to operate without impacting the SCADA system or the door access system. Madison was familiar with the Longwatch Video Surveillance system, and a demonstration proved that video could be transmitted over our radio network.

Through the spring of 2007, Dane County, Wisconsin, developed a grant request in cooperation with MWU. Dane County wanted this grant to go toward protecting the water for the people of Dane County. "The safety of our drinking water is vitally important," said our Mayor, Dave Cieslewicz. "This new system will provide us with real-time surveillance of critical Water Utility facilities, providing an additional level of security for the community."

Toward that objective, MWU developed a three project grant request that included:
• Access System estimated at $90,000
• Video Surveillance Systems estimated at $360,000
• SCADA System estimated at $1,500,000

By May 2007, Madison's confidence in obtaining a Homeland Security grant was growing and we started to investigate video solutions. Madison requested conceptual solutions from three video surveillance vendors. The task was simple; put cameras at 32 remote sites and bring back video clips over the utility's radio network. We asked vendors to develop a project concept and then prove the concept will work. The utility's requirements were:
• Event-based video for the operators
• Local recording (per AWWA Security Guidelines)
• Do not impede communications for the SCADA System or the Access System.
• If an event happens at 2:00 am, we want to know now.
• An estimated budget of $350K (estimating $10-12K per site over 32 sites)
• Any installed system would provide a performance guarantee.

On the Radio
Madison contacted three local video surveillance companies to propose a solution. Two of the three companies contacted responded to the request and started developing concepts. The challenge wasn't capturing video: it was transmitting it back to the main office via existing radios. One of the two companies was successful in transmitting video from a single camera, and one company withdrew in frustration. Only Longwatch was able to transmit video from all 32 sites using the existing radio system.

To allow a conventional video surveillance system to function, it was suggested that MWU investigate a faster, more reliable communication system. MWU looked into replacing the existing radios, installing a backhaul radio network, connecting to commercial fiber, and connecting to commercially available high speed Internet providers. All these options were rejected due to either high capital or high operations costs. MWU decided to stay with the existing radio system and to use the Longwatch system.

In the summer of 2007, Madison Water received word that a federal grant in the amount of $388K requiring a Madison match of $97K would be granted through Dane County for a video system and an upgraded access system.

MWU requested a price proposal from Longwatch in July of 2007. As part of this proposal, Longwatch gave Madison a guarantee: If Madison can assure Longwatch 50kb/sec bandwidth on the radios, the guard tour mode would produce an update from each and every camera at least every twenty minutes (Figure 2). The Longwatch system would also produce 25 video event clips per hour (5 seconds in length and 3 frames per second) from around the network.

Figure 2: This screen shows up to 24 still images from remote sites at one time. Each image is updated every 20 minutes. If an alarm occurs, the operator receives a 15-second video clip of the incident and can switch to live video at any time.Due to concerns about the radio system brought to light by the access system, MWU worked with a local system Integrator (Altronex, Madison, Wisconsin) to optimize the radio network and survey its capability. Altronex calibrated, tweaked and optimized the radio network to ensure it could work with the SCADA system, door access, and provide the required band width for the Longwatch system.

With an optimized radio network, MWU decided to proceed with the Longwatch system.

MWU negotiated a cost and scope with a Michigan based system integrator, RepLogix, and the local Longwatch distributor, Wonderware Midwest. Due to grant requirements, all work had to be finished and the system fully operational by March 15, 2008. This was a doable but still optimistic schedule.

Bob Lecher, president of RepLogix did the installation. Lecher hired electrical contractors to install and wire the cameras and video controllers at the remote sites and control room, while Lecher's engineers configured the Longwatch software to run on the Wonderware HMI and developed all the HMI screens.

Bringing up the System
The system was surveyed and each site was carefully planned for coverage and vulnerability during October 2007 and installation work commenced in November 2007. Sites typically took one to two days to install the cameras and equipment. The cameras were then aimed, focused and calibrated. Wonderware SCADA software was used at the central office to manage and organize monitoring of the remote sites.

The video surveillance system uses a Wonderware HMI to allow the operator to monitor alarms, and view and manage video clips. The remote sites communicate with the main server via Ethernet radio connection to the HMI computer. MWU is in the process of converting its aging outdated Aquatrol SCADA system to a Wonderware PLC-driven platform. It is expected that this conversion will be completed in the next 18 to 24 months. Once the system is converted, the video surveillance system will interface directly with the Wonderware SCADA system.

Figure 3: The Station Summary Screen shows the status of all doors, alarms, cameras and wireless systems at 36 remote pump stations, wells, tanks and other facilities.The planned Wonderware HMI SCADA integration will provide operators with information about system operations, records, logs real-time data, and will allow operators to view video and monitor system status. Monitoring and control of the system is our highest priority, so it is very important that the access control and video do not interfere with process data on the radio network.

Following review and approval of the screen graphics for the system, sites were brought on line one by one.

The system uses 64 AXIS cameras at 32 remote locations connected to local Longwatch hardware and software. A typical site video hardware setup is illustrated in Figure 4, and includes one to four video cameras at each site connected to a Longwatch Video Engine. The Video Engine records high-resolution video 24 hours a day, seven days a week and stores it up to 30 days. It simultaneously sends Live Video and Event Clips to the Video Control Center (VCC) at the central office control center. The Video Engine also monitors door switches and motion sensors and other detection devices that indicate the presence of an intruder to create an alarm condition.

Figure 4: Each remote site has two to four video cameras, a Video Engine that continuously stores live video, and a video control center that determines when to transmit video clips or still pictures to the Wonderware HMI/SCADA system in the main control room.The Video Engine is configured so that if any alarm is triggered, it will retrieve previous footage and transmit the archived video and live video as a "video clip" to the VCC, using the existing radio system. A video clip is a 10 to 15 second video snippet showing footage from before and after the alarm was triggered allowing the user to see "the big picture."

The operator can also switch over to a live viewing mode, and watch events occurring at the remote site in real time. Continuous live video from both of the remote site cameras is stored on the Video Engine for up to 30 days, so an operator can recall as much high definition, archived video as needed to analyze a situation. The high-resolution video can be written to a thumb drive or a portable DVR, and used as evidence against intruders, or to obtain increased detail of a scene.

Because of the limits of the radio system, it is impossible to transmit live video from every site, at all times. The bandwidth required would consume the network. Instead, the system stores all video locally, and only transmits video over the network when an incident occurs or when operators request it. In the absence of alarms, a system tour is conducted every 20 minutes delivering 1 frame of video to the operators giving them an updated view of the remote site.

When video is sent, it is broken into pieces and woven into the existing network traffic, essentially disguising the video data as normal process data. This allows the video to be transmitted over the existing communications network without interfering with the SCADA system or access control system. Upon arrival at the central office control room computer, the Longwatch software reassembles the video information from the individual blocks of data and presents the video clip directly onto the Wonderware HMI/SCADA workstation screen for the operator. The full system was completed and on line by the middle of March 2008.

MWU continues to fine tune and adjust the system to minimize false alarms. Issues with car lights and lightning may require adjusting or modifying triggers at some locations. Multiple frequent false alarms tend to desensitize pump operators and lessen the impact of the system. At one point, the system recorded incidences of graffiti and other mischief at our remote locations. Because the system stores up to 30 days of high-resolution video at each remote site, we visited each site, downloaded the high resolution video onto a thumb drive, and gave the images to the police to help in prosecution.

Probably the most interesting incident so far was early on, when we were testing the Longwatch demo. The cameras spotted a platoon of soldiers, armed with M16 machine guns and dressed in camouflage uniforms, deploying themselves across our property. Further investigation revealed that a ROTC unit from the University of Wisconsin was staging an exercise without telling anyone.

Today the system is fully operational and is monitoring the system 24/7. MWU can monitor its remote sites and know when someone has entered a site. Through the tour and live modes of Longwatch, we can check in on the assets protected by the camera system at any time of the day or night. Additional cameras are being considered for the utility's operations center and vehicle storage garages. MWU will monitor camera operation and coverage and add cameras and event triggers to improve the overall system performance.

About the Authors:
Al Larson, P.E., is Principal Engineer, Water, for Madison Water Utility, Madison, WI.
Steve Rubin is President of Longwatch, Norwood, MA.