Skip to main content

Edge-based intrusion protection in critical infrastructure and industrial operations: integrated, reliable, and cost-effective

Dock behind a fence

Protecting critical infrastructure and other industrial operations is essential; the economy depends upon it. While cybersecurity is central to safeguarding these industries, this blog will focus on physical security – specifically, how to implement multiple layers of active, effective intrusion protection to secure the outer perimeter, inside the perimeter, and critical core facilities and assets.

Besides ‘intrusion detection’, we’ll consider the bigger picture of ‘intrusion protection’. In other words, looking beyond the initial real-time alerts associated with detection to a broader strategy around preventing intruder-related damage or theft. To do this, various automated, connected surveillance solutions can be layered together to go beyond solely detecting intruders by classifying, verifying, identifying, tracking, and deterring intruders, with the goal of keeping sites free from intrusion, theft, and sabotage.

Forget “camera,” think “edge device”

Innovation is driving increasingly advanced capabilities within video surveillance solutions: put simply, a camera is no longer just a ‘recording device’. Sophisticated network cameras today have powerful processing capabilities. They can act as sensors which can gather rich metadata as well as acting as servers on the edge to communicate, control, and trigger other devices on the network via open communications protocols. Importantly, you can opt for innovative, open surveillance solutions that can easily integrate into your existing infrastructure to maximize previous investments.

This is enabling a new era of advanced edge-based solutions. Switching the focus from ‘cameras’ to ‘edge devices acting as powerful, real-time sensors’ is the first step to building better, optimized surveillance system solutions. It also opens up new possibilities for effective intrusion protection.

Protecting the outer perimeter and fence line with edge-based systems

Intrusion protection starts at the outer perimeter. The first steps are detecting and verifying a potential intruder, whether along the fence line or in the ‘buffer zone’ outside the perimeter.

To detect an intruder at a distance in the ‘buffer zone’, radar devices pointing outwards from the fence line can spot a potential threat and send an alert to you long before the intruder reaches the perimeter. This makes you aware of a potential trespasser scenario early. Along the fence line itself, thermal cameras with intelligent analytics can be deployed to identify and classify whether a moving object nearby is a potential intruder – rather than an animal, for example. In addition to offering detection accuracy and reliability even in very challenging weather conditions, thermal cameras are also fully GDPR-compliant as they do not reveal any biometric information. In fact, depending on local surveillance laws, both radar and thermal devices should be considered for monitoring the area just outside the site given they comply with even the most stringent data privacy regulations.

When a potential intruder is detected along the fence line or in the ‘buffer zone’, you can configure your connected surveillance solutions to either raise the alarm immediately or set off the alarm if that intruder moves into an area which you’ve previously identified as the intrusion alarm zone. This second approach reduces the risk of false alarms, enabling the system to detect the intruder early, but only setting off the alarm and other escalation procedures if the intruder enters a certain zone or the perimeter itself.

Once an intruder has been detected and the alarm has been raised, it triggers the next step in a chain of events: verification. Visual cameras, such as pan-tilt-zoom (PTZ), with tracking analytics pick up the alarm from the thermal cameras or network radar and verify the alarm by showing a visual image of the intruder. In addition to providing the possibility of identifying the intruder, the camera tracking analytics then kick in to monitor where they go.

To stop the intruder from attempting to breach the perimeter, you can rely on deterrents, such as audio solutions or white light LED reflectors that will light up the scene. For example, the connected surveillance solutions could trigger an automatic audio message to warn the intruder away and flag the presence of security guards, with the aim of discouraging theft or property damage.

Area protection within the perimeter

Once the perimeter has been breached, the connected surveillance solution will continue to track the intrusion and how it develops so you can act on it. Radar, thermal and visual cameras can work in conjunction with audio units and other devices to not only follow the intruder’s progress but also attempt to prevent them from going any further. Keeping an eye on where they are going is also useful for follow-up forensics investigations or police procedures.

There is no ‘one size fits all’ approach to intrusion protection as every site is unique. For instance, depending on how you set up your system, network radar within the perimeter could take over from the radar along the fence to detect the intruder, send an alert and track where they are going. Advanced radar systems can both follow the intruder and directly communicate with PTZ cameras, allowing them to track the intruder and verify alarms with a visual.

By tracking the intruder’s path, connected surveillance solutions provide essential information to security personnel who need to know which way the intruder is heading to better position themselves to block them off or activate security measures along their path.

With insight into the intruder’s route, the connected surveillance solutions can trigger more white lights and audio units to deter them from going further. For instance, the system’s network audio speakers can play a live or pre-recorded message, flagging that security guards are on their way. The alarms will have triggered an automatic notification to the central control room – enabling the operator to verify the incident before response team measures are triggered – so the operator or security guards can also use a network audio device on site to warn the intruder off before they must resort to a physical intervention or calling the police.

Protecting critical core facilities and assets

The third layer is protecting the perimeter, site buildings and other critical facilities and assets with access control. These solutions, such as door stations and intercoms, play a key role in making sure that only authorized personnel and visitors can use entrances and exits on the perimeter, be admitted into specific buildings or even certain rooms, or enter fenced off areas around the site, such as a transformer station.

Vehicle access control is also vital. To make sure only authorized vehicles are admitted, cameras with license plate recognition analytics offer an efficient solution to admit or stop vehicles before entering or leaving the site, or specific areas within the site. They can be used in conjunction with intercom systems to enable more efficient access control and verification with two-way audio communication between the site visitor and the security officer. This is particularly crucial for automated sites that may not have staff at the facility.

Benefitting from a decentralized system

A system with a single point of failure is a flawed system: intrusion protection systems at critical infrastructure and other industrial operations sites must always be reliable. Building an edge-based, de-centralized system that doesn’t depend on one device is key. In fact, an edge-based system can mitigate risks, particularly when comprised of physical devices that offer a variety of built-in cybersecurity features to counter cyberattacks and prevent unauthorized system access.

For example, if you have multiple thermal cameras along the perimeter with each camera serving as an edge hub for its area, it allows you to create security clusters that run independently of a central server. If a camera fails, that specific cluster might not work fully but the rest of the system will still function as expected. Additionally, if a specific device on the system fails, the system’s healthcare monitor will automatically inform the system operator so it can be addressed.

Maximizing protection, minimizing costs

While building an edge-based intrusion protection system offers the latest in innovation, it also provides an opportunity to cut system costs significantly. You can reduce the bandwidth requirements and additional video streams that would usually be sent to central servers for video analysis. Consequently, the need for additional servers, rack space and passive network equipment, such as UPS devices, on a central site is dramatically decreased.

In particular, deploying thermal network cameras at the edge allows you to cover larger areas of the perimeter than is possible with standard visual network cameras. This reduces the amount of installation poles, cabling, construction required, man hours plus VMS and software licenses needed. Taking this step also reduces system power consumption, minimizing total system costs dramatically without lowering the levels of protection. In fact, costs are reduced but system reliability improves: an IP thermal-based intrusion protection solution offers increased system reliability and intrusion detection rate, even in challenging weather conditions.

Reliable intrusion protection: from perimeter to critical core

Effective intrusion protection requires depth. By building an edge-based and connected intrusion protection system to provide several layers of security, you can safeguard protected areas in a way that is comprehensive, reliable, and cost-effective. Crucially, a platform like this will also set you up for the long-term, allowing for future system growth to meet future requirements.

Explore Axis solutions for active and cost-effective intrusion protection:

Stjepan Šurmanović

Stjepan Šurmanović has over 10 years of experience within the physical security systems, ranging from project design, integration and commissioning to business development, sales and project management. Since joining Axis in 2016, he is developing the South East Europe market from the beginning and has established the foundations for a good and sustainable long-term business in the region. He is focused on building open and trusted partnerships with regional key accounts, with big focus on creating innovative solutions based on Axis open and best of breed integration technology platform. From January 2022 he is also working as EMEA Subject Matter Expert for Critical Infrastructure and Industrial segments.

Stjepan Šurmanović
To top