table of contents - university of arizona

2

Table of Contents

Executive Summary ............................................................................................... 3

1.0 Project Objectives ............................................................................................. 3

Primary Objectives .............................................................................................................. 3

Secondary Objectives .......................................................................................................... 3

Existing Process .................................................................................................................. 4

2.0 Requirement Gathering ................................................................................... 4

Computer Applications Group ............................................................................................ 4

Santan/Kyrene Site Visit..................................................................................................... 5

Security Operations ............................................................................................................ 5

Distribution Operations ...................................................................................................... 5

Central Dispatch ................................................................................................................. 6

Summary of Need ..................................................................................................................... 6

3.0 Proposed Solution ............................................................................................. 7

Newly Found Requirement ..................................................................................................7

IP Enabled Substation .............................................................................................................. 8

Process Change ................................................................................................................... 8

Requisite Hardware ............................................................................................................ 8

Benefit ................................................................................................................................. 9

Offline Substation ..................................................................................................................... 9

Process Change ................................................................................................................... 9

Requisite Hardware ...........................................................................................................10

Benefit ................................................................................................................................10

Database Considerations .........................................................................................................10

4.0 Cost Analysis ................................................................................................... 11

IP Enabled Costs ................................................................................................................ 11

Offline Costs ....................................................................................................................... 11

5.0 Appendix ......................................................................................................... 12

3

Executive Summary

The Eller SRP Team is addressing the need of SRP Computer Applications group to improve its

Substation Entry Management Module and its associated processes.

The current system utilized at the different SRP facilities and maintained by the Computer

Applications Support Group has inadequate safety measures. The maintenance of logging the

coming and going of personnel to the many substations is a manual process and falls short of

desired safety insurances. The University of Arizona Eller SRP Team will provide a proposal

and requisite documentation to update the Substation Entry Management Module. In this

document, the Eller SRP Team will propose two solutions and analyze their cost v. benefit and

implementation ease and scalability.

1.0 Project Objectives

Primary Objectives

By result of this proposal, the Eller SRP Team will:

Improve the safety of substations for SRP employees and its associated vendors

Integrate physical entry and exit of substation with substation entry log

Identify a best of breed or complete solution for logging substation access

Evaluate the necessity of data migration and legacy system coexistence

Deliver a solution that addresses the needs of all key stakeholders –field users, implementation team, and system operators

Identify solutions for “perfect environment” and “non-technology enabled environment”

Secondary Objectives

Secondary to the proposal, but equally influenced by this proposal, the Eller SRP Team will:

Address the standardization of field definitions and substation characteristics

Improve risk management practices

4

Existing Process

The current process of using the Substation Entry Log Management Module in coordination

with a substation entry and exit can be summarized into seven steps:

1 Dispatch sends personnel to substation

2 Personnel arrives at substation, dials into dispatch

3 Dispatcher logs entry data in Substation Entry Log Management Module

4 Personnel unlocks padlock at substation, performs work

5 Personnel finishes work, locks padlock

6 Personnel dials into Dispatch

7 Dispatch logs exit data in Substation Entry Log Management Module

Optional Nightly, unresolved entry data is given batch exit

2.0 Requirement Gathering

To completely understand SRP’s needs regarding an update to the Substation Entry

Management Module, the Computer Applications Group was more than helpful to arrange

meetings with various end users and stakeholders. The Eller SRP Team thanks the below

contributors for their time and support on the project:

Computer Applications Group

SRP Personnel:

Mathew Weber, Murali Kothapalli, Maureen Kempton

Summary:

The Computer Applications Group is the project sponsor and main point of project. Combined,

Matthew, Murali, and Maureen provided excellent guidance and feedback each and every week

to our questions and proposal iterations. Without their aide, this project would be for not.

Requirements Identified:

Scalability Concerns – 300 substations, 400 users

Demonstrated existing Substation Entry Management Module –disjoint user/substation data

5

Santan/Kyrene Site Visit

SRP Personnel:

Donald Hughes

Summary:

The O&M Manager for the Santan/Kyrene Generating Station, Donald’s team hosted us for a

site visit in early March. They educated us on the end-to-end generation of power, as well as

gave a substation tour and identify their current processes.


Personnel manually lock and unlock gates upon each visit

there is an active computing house, with communication capability, on-site at most substations

Security Operations

SRP Personnel:

Earl Blades

Summary:

As a manager of the Security Operations group, Earl was able to summarize the access control

method approach at each substation and provide an overview of how, typically, a personnel

member is granted access to a substation, is given adequate privilege to possess a key for

unlocking substations, and how third party vendors interact with SRP to access substations.

Earl mentioned that currently nine of the substations are equipped with C-Cure HID readers for

security purposes. There was no mention of integrating HID readers at gate entry, however.


The existing C-Cure system only records entrance. There is no process for recording exit.

Distribution Operations

SRP Personnel:

Jeffery Packer

Summary:

Jeffery outlined for us the procedure of emergency response to a substation. He informed us

that when work is to be remotely initiated from central management, or in the case of

emergency, the accuracy of the Substation Entry Management Module is vital. Before

performing work, or sending emergency personnel to a substation, the log is checked to see who

is physically present.


For the safety of personnel, accurate and reliable entry and exit data is necessary.

6

Central Dispatch

SRP Personnel:

Jean LeJeune

Isaac (intern)

Summary:

We had the benefit of having dispatch in on a conference call, as well as meeting the group

physically in person. They toured us around the central control room and identified the

importance of the Substation Entry Management Module for sending personnel to perform work

on substations.

Jean was able to clarify for us that the data for the Substation Entry Management Module is

editable, and is not a 1:1 match for personnel data.

Isaac, an intern, was able to clarify for us the batch exit process that occurs nightly.


The nightly substation batch checkout is unsafe and in an ideal system, would not exist.

Summary of Need

By working with the aforementioned personnel groups from SRP, we were able to narrow our

requirements list to these four succinct items:

1 Log both entry and exit of substations

2 Complete accuracy of physical presence

3 Cohesive and accurate substation and employee data

4 Elimination of nightly batch checkout

Upon this initial assessment, we based our solution to meet these five requirements.

7

3.0 Proposed Solution

Based off the initial assessment we researched traditional access control methods. By looking

into different forms of physical barriers, (varying from mass-transit access control to military

base access control), we arrived at an initial solution that met the five needs while physically

securing the substations.

This solution comprised of purchasing new equipment, new gates, and a completely new

software suite to handle the data that would be collected from what is now, essentially, a locked

down substation.

You can view this alternate solution in the appendix.

In this earlier solution, access to a substation would only be granted once the user was able to

verify their identity, an electronic lock fired, and the gate allowed to be opened. However, the

Computer Applications Group brought up significant points of weakness regarding our approach

using physical access control:

What about when a substation is ‘offline’ and without internet and power?

How does the system address tailgating? How can it grant access to multiple users?

This scenario of a powerless, communication-less, substation presented our team a new

challenge, and revealed a new sixth requirement:

Newly Found Requirement

The client needs an offline solution that is always available and provides no physical barrier to

entry.

1 Log both entry and exit of substations

2 Complete accuracy of physical presence

3 Cohesive and accurate substation and employee data

4 Elimination of nightly batch checkout

5 Always available system with no physical barrier to entry

8

Eller SRP Team Proposal:

With the client’s needs fully justified, we can now specify how two different approaches will

coexist to satisfy the needs of end users of the Substation Entry Log Management Module:

This proposed solution meets the mentioned requirements, with both models

existing independently of one another, allowing SRP the flexibility to implement

either model at their own pace and scale.

Most importantly however, the proposed models insure that SRP personnel is accounted for

while in a substation, providing the highest measure of safety possible before work is completed,

or emergency crew is required.

IP Enabled Substation

To automate the process of substation entry and exit recording and provide the scalability to

meet business needs, we recommend utilizing C-Cure HID Readers at each substation point of

entry:

Requisite Hardware

The purchase of a C-Cure ProxPro II HID Reader would be required where this model is to be

implemented. The reader will capture data off existing SRP personnel badges and send the time

of entry, substation ID, and employee ID of any personnel who unlocked/locked the point of

entry.

To see technical specification and capability of the C-Cure ProxPro II HID Reader, visit the

appendix.

HID Reader

Existing Substation Log Module

IVR System

IP Enabled Substation Offline Substation

9

Process Change

When looking at the existing process, there is room for human error. By implementing a HID

reader at gate entry, this process becomes simplified, but more importantly, more accurate.


2 Personnel arrives at substation

3 Personnel unlocks padlock at substation, entry is recorded into Substation Log

4 Personnel finishes work, locks padlock, exit is recorded into Substation Log

Benefit

The IP Enabled Substation model meets end user requirements while providing added benefit:

Scalability: Can be used to include vehicles (see appendix)

Compatibility: Integrable with C-Cure security systems

Accuracy: With little human interaction, entry and exit data is logged automatically

Offline Substation

To minimize the likelihood of human error in logging substation entry, and to minimize the

likelihood of personnel forgetting to check out of a substation upon exit, we recommend

utilizing an automated IVR system process for every entry and exit.

Process Change

When looking at the existing process, there is room for human error. By implementing an

automated IVR system required as part of entry process, this process becomes simplified, but

more importantly, more accurate.


2 Personnel arrives at substation, calls into IVR for check-in, inputs visit data

3 Personnel unlocks padlock at substation

4 Personnel finishes work, locks padlock, calls into IVR for check-0ut

Optional IVR automated follow-up after timeout (upon missed check-out)

This process change introduces an automated phone system, rather than the two operators who

physically tend to the central dispatch substation check-in/check-out phone system.

(2) The automated system would prompt for the personnel member’s employee ID, the posted

substation ID of their visit, and the duration (in hours) of their visit -- a graphical overview.

10

(Optional) Upon finishing work, if the personnel member forgot to checkout, the IVR system

will dial back to the personnel member’s listed phone number and confirm their presence. If the

personnel member does not extend their visit duration, or simply does not answer the phone

call, the supervisor or designated next point-of-contact for that personnel member contacted.

This process insures that each and every check-in to the Substation Entry Management Log has

a corresponding checkout. If the original personnel member does not provide the checkout, the

system automatically follows up with the next point of contact until the issue is resolved.

Requisite Hardware

The offline substation model will leverage SRP’s current infrastructure. SRP currently uses

NICE IVR to correspond with customers for customer billing and customer service. NICE was

not available to the Eller SRP Team for correspondence, but utilization of SRP’s pre-existing

relationship with the company can surely provide the process mentioned above.

In the event NICE IVR is incapable of supporting this process, there are alternative approaches

to this proposal.

Benefit

The Offline Substation model meets end user requirements while providing the below benefit:

Availability: The IVR system operates independently of substation power and capability,

in case of power outage or substation work, the IVR is still available for logging

Accuracy: Eliminates the need for a batch nightly checkout by constantly checking for

personnel who have overstayed their provided visit duration.

Database Considerations

Both the IP Enabled and Offline Substation models require user data and substation data to be

accurate and usable cohesively.

However, currently, the Substation Entry Management Module operates off a separate data

source than the data source that provides active employee data. This disjointed view of data will

have to either be consolidated into a single database or the employee data source made available

to the Computer Applications Group for integration with the Substation Entry Management

Module for accurate, automated, check-in and check-out.

11

4.0 Cost Analysis

IP Enabled Substations

In the IP Enabled model, the only requisite purchase is of C-Cure ProxPro II HID readers.

Item Item Cost Units

C-Cure ProxPro II HID Reader $130.00 300 (1 per substation) Extended Cost: $39,000

Offline Substations

In the Offline Substation model, the only requisite purchase is the expansion of SRP’s NICE IVR

capability.

However, to see cost of related systems, see related technologies in the appendix.

12

5.0 Appendix

The appendix contains technical specification of recommended hardware, alternative solutions,

the alternative costs, the corresponding use case scenarios for these alternative solutions, and a

sample data flow of the alternative solution.

Technical Specification of C-Cure ProxPro II:

13

Technical Specification of IVR Interaction:

14

Alternative Solutions

IP Enabled Substations

Ademco 5355AGK00HID Reader:


Ademco 5355AGK00HID Reader $170.00 300 (1 per substation) Extended Cost: $51,000

Maxiprox 5375AGN00 HID Reader:


Maxiprox 5375AGN00 HID Reader $380.00 300 (1 per substation) Extended Cost: $114,000

Offline Substations

QuickFuseApps– A web hosted automated IVR system.

Toll-free numbers Inbound Outbound Transfer SMS

Rates $10 /DID every 30d $0.10 /min $0.10 /min $0.03 /min $0.10 /msg

Twilio Voice – A web hosted automated IVR and PBX system.

Twilio

Voice Inbound/minute Outbound/minute Toll-free/minute

First 500k

Minutes /

month

$0.010 $0.020 $0.030

http://quickfuseapps.com/

http://www.twilio.com/

15

Supplemental Solution - Physically Access Controlled Substations

An ideal substation access solution for SRP insures the safety of its employees and attendants by

logging entry and exit data with as little reliance on human interaction possible. For this reason,

a three-part system combining RFID authentication, electrically locked gates, and a centrally

accessible system is recommended:

Three Component Solution:

GAO RFID Access Control Software System

LockMaster LM148 Electronic Locks

Blackberry Grabba Remote RFID System

Bear in mind, these components are not dependent on each other for operation. This recommendation provides flexibility and modularity based need and implementation cost of each substation.

Component 1: GAO RFID Access Control Software System

GAO RFID Access Control Software System is an integrated access control software package that is suitable for different types of RFID access control applications. With RFID hardware and an everyday PC, the system is able to handle personnel and vehicle access control for an entire building Benefits:

24 hour Unmanned Operation Once the system is set up and configured, no additional user input is required. Access will be automatically granted to those who present a valid registered RFID tag at an access point. Remote Management through Web Interface The system can be managed remotely through a Web interface. Tags and tag holders can be added, edited, and removed by the responsible staff at the head office without them having to travel to the site. Applies to Both Personnel and Vehicle Access Control Access to the front gate, parking lot and any other type of access point can be controlled simultaneously in the same system. Compatible with Various RFID Hardware Passive LF, HF and UHF and semi-passive and active technologies can all be flexibly used together in the same system. A typical application is to use HF short range card tags for personnel access and UHF long range windshield tags for vehicle access. Real-Time Map View Through the software interface, the user is able to create a map for the site and monitor the activities at different access points on the desktop in real time.

16

Group Management Tag holders can be divided into different groups. The user can specify access points each group can access, as well as different time restrictions for access. Customizable Reporting Activities are stored in the database and reports can be generated by specifying different criteria such as dates, group names, access points and tag holder names.

Component 2: LockMaster LM148 Electronic Locks

While it is possible to purchase these items standalone from an RFID reader and electric relay, it is advisable to purchase these items collectively as a whole to insure product standardization and compatibility.

The LockMaster LM148 works with any 24V gate opening mechanism. For added security, the device unlocks and locks automatically as gates open and close. Also, when in a powerless state, the device comes with a keypad and keyed manual release. Other recommendations:

Chamberlain 915GA Automatic Gate Lock Designed for push-to-open and pull-to-open gates, unlike the sliding gate mechanism provided by LockMaster. Works with any 24V gate opening mechanism. As a fail safe, this lock sits in a restful locked state until an electric current forces the lock into the unlocked position.

Mighty Mule #FM143 Instead of RFID, the Mighty Mule is designed for interaction with automatic opening systems. It’s best to consider purchasing this component as part of a bigger system.

Component 3: Blackberry Grabba

The Blackberry Grabba device can act as a remote RFID authentication device. At a substation where internet access is not available, the Grabba can serve as the authenticating party for substation attendants to verify their identity and be granted access. Features in a Grabba?

Beyond RFID, the Grabba is expandable to support other authentication forms:

2D Barcodes – all industry standard codes supported OCR Reader – OCR-4, OCR-8 Infra Red transmit/Receive – Standard IR (custom formats available) Signature Capture Fingerprint Reading

Advantages:

17

The Grabba is directly connected to the BlackBerry® smartphone via the USB port This direct connection provides the ultimate in data security as nothing is ever transmitted wirelessly. The Grabba uses its own internal rechargeable battery to carry out all of its data collection. It does not need to be plugged in.

Category Brand Name Price

RFID GAO RFID access control $3,500.00

Electronic Lock LockMaster Electric Lock LM148 $179.00/unit

RELAY OMRON MY2NJDC24+PYF08A-E $10/unit

Remote RFID Grabba Software $500

Supplemental Use Cases with Alternative Solution

USE CASE – UC 1

Check-in Personnel

TYPE OF USE CASE: Front-end/Basic

NAME OF USE CASE: Check-in Personnel

USE CASE NUMBER: 1

PROJECT Substation Log Entry

STATUS

Process Identification: 03/21/12

Basic Flow: First draft 03/23/12

DESCRIPTION:

This Use Case describes the process of checking-in personnel at a substation facility.

BUSINESS REQUIREMENTS:

Substation log entry application shall allow the users to maintain check-in/check-out

information of the personnel who have accessed the substation facilities.

USER REQUIREMENTS:

18

User should be able to check-in to a substation

BUSINESS RULES:

N/A

PRIMARY ACTORS:

SRP Substation personnel , SRP System Admin

Triggers:

An authorized employee/contractor has arrived at a substation.

Pre-conditions:

1. The employee/contractor must have been created in the system database.

Post condition on Failure:

1. The employee/contractor was not checked-in successfully.

BASIC FLOW:

1. The employee scans his RFID enabled ID at the RFID reader.

2. If the signal strength and the duration criteria have been met, the system will

authorize that tag/employee - if they exist in the system database

3. An entry is made into the log file which updates the clock-In time.

4. Access into the substation is granted by unlocking the door

5. The system administrated at the back end is notified via the GUI about occurence

ALTERNATE FLOWS:

1. In case an employee forgets his or her id card

SRP personnel/security at the substation entry can use his her/her employee id

to check-in the employee.

There can be a keypad on the external reader for PIN numbers to override a No

Card situation or for enhanced security.

2. For a visitor

An SRP employee needs to company the visitor and his if will be scanned at the

reader

19

DESIGN SPECIFICATIONS:

Access information can also be tied to a Windows Active Directory or LDAP for user

authentication and therefore be synchronized to an authorized access scheme

ASSUMPTIONS:

N/A

PROMPTS AND MESSAGES:

N/A

NON-FUNCTIONAL REQUIREMENTS:

USE CASE – UC 2

Check-out Personnel


NAME OF USE CASE: Check-out Personnel

USE CASE NUMBER: UC 2


STATUS



DESCRIPTION:

This Use Case describes the process of checking-out personnel from a substation facility.



information of the personnel who have accessed the substation facilities

USER REQUIREMENTS:

User should be able to check-out to a substation

20

BUSINESS RULES:

N/A

PRIMARY ACTORS:

SRP Substation personnel

SECONDARY ACTORS:

N/A

Triggers:

An authorized employee/contractor is departing a substation.

Pre-conditions:


Post Conditions on Success:

1. The employee/contractor has been checked-out successfully.

Post condition on Failure:

2. The employee/contractor was not checked-out successfully.

BASIC FLOW:

1. The employee scans his RFID enabled ID at the RFID reader.

2. If the signal strength and the duration criteria have been met, the system will

authorize that tag/employee - if they exist in the system database

3. An entry is made into the log file which updates the clock-Out time.

4. Employee is checked out by unlocking the door

5. The system administrated at the back end is notified via the GUI about an action

being taken place

ALTERNATE FLOWS:

1. In case an employee doesn’t have his id card

SRP personnel/security at the substation entry can use his her/her employee id

to check-in the employee.

There can be a keypad on the external reader for PIN numbers to override a No

21

Card situation or for enhanced security.

2. For a visitor

An SRP employee needs to company the visitor and his if will be scanned at the

reader

DESIGN SPECIFICATIONS:

Access information can also be tied to a Windows Active Directory or LDAP for user

authentication and therefore be synchronized to an authorized access scheme

ASSUMPTIONS:

N/A


N/A

USE CASE – UC 3

End-of-Day Checkout


NAME OF USE CASE: End-of-Day Check-out

USE CASE NUMBER: UC 3


STATUS



DESCRIPTION:

This Use Case describes the process of checking-out personnel at the end of the day from a

substation facility.



information of the personnel who have accessed the substation facilities

22

USER REQUIREMENTS:

Perform an end of day check-out

BUSINESS RULES:

N/A

PRIMARY ACTORS: SRP Substation personnel

SECONDARY ACTORS: N/A

Triggers: End of day time trigger

Pre-conditions:


Post Conditions on Success:

2. The employee/contractor has been checked-out successfully.

BASIC FLOW:

The RFID time clocks are used to set the duration until when an employee can be in the

substation. It keeps track of employee clock-IN/OUT time.

1. At the end of the report are generated to check if every employee has checked-out of

the substation.

2. If not then the employee is contacted to be check out of the system


N/A

NON-FUNCTIONAL REQUIREMENTS:

N/A

EXTERNAL INTERFACES:

N/A

23

Data Flow of GAO RFID System

1.0Receive and Process

Access Request

D1: User FileD3: Log File

D2: Substation File

User

System Admin

System Configuration and Maintenance

Database Administrator

User&Substation Database Entry and Modification

Management

Substation Log Check ResponseSubstation Log Check Request

Access Request

Access Request Response

User Information

2.0Receive and

Update Customer Information File

User Records Update

Substation Records Update

Update Log File

4.0Receive and Process

Access Request

3.0Receive and Process Log Check Request

Retrieve Log File

D4: Configuration

FileUpdate Configuration

table of contents - university of arizona

Documents