Protecting the continuity of critical national infrastructure (CNI) sites such as data centres, utilities, mass transit and distribution hubs or communications networks is vital for a modern economy. In the case of a fire, it is essential to minimise any disruption and to avoid potential impact on businesses and consumers, as a blaze can spread quickly and totally wipe out network operations with very little warning.
While it’s true that data centre downtime is usually caused by glitches due to human error or increasingly cybercrime, it also remains a grim fact that about 6 percent of all data centre infrastructure downtime is caused by fires, which have the capacity to shut down any number of critical operations. And when you consider the magnitude of the heat generated by equipment in a data or telecommunications centre – in a typical data centre, five thousand watts of IT thermal load could require 10,000 watts or more of cooling power – a fire incident becomes a reasonable possibility.
And, as data centre professionals are aware, because of this ratio whereby it takes more power to cool than to heat, major data centre developers in their quest for optimum Power Usage Effectiveness (POE) are, in consequence, turning more and more to locations in areas with favourable cold climates. Such decisions, while aimed at realising cost-effective energy strategies, equally serve to counter the hazard of excessive heat loads, which by burdening data centre electrical circuits become all to readily the source of typical server room fires.
So, clearly – against this background of intensifying vigilance – life safety and asset security critically depend on the correct specification of the fire suppression system because there can be no doubt that devastation by fire is one of the worst types of incidents a data centre may ever have to deal with. Not forgetting the knock-on effects of data loss, even temporarily, that such incidents often inflict, taking sometimes many months to overcome.
The penalty for downtime
Less than two years ago, thousands of customers were deprived of service for an entire day when a major national telecom data centre caught fire – an incident compounded by the site of the fire being the space used to provide power and connectivity to the centre’s IT load.
To add a broader global perspective on nationwide infrastructures: two years earlier, on two continents, electrical fires less than a month apart brought down a range of critical services and lines of communication in two data centres holding national government and municipal records and registries. In each case, these communications nerve centres suffered fires that compromised network equipment and hundreds of major communications servers, creating administrative chaos.
Critically, in one of these cases, repair costs upward of £4million from insurance payouts were exceeded by additional costs of £5million for ongoing restoration of assets.
Such grave incidents stand out as reminders to responsible risk management of the central task of a fire safety system, which – at the same time as critically protecting life – is to keep the business functioning, even in the event of a fire, by remedying the situation before it becomes a catastrophe.
Fire prevention is one of the most neglected areas of data centre planning, but attitudes may be changing as more IT professionals become aware of the enormous risks posed by fire. According to the latest report on data centre downtime recovery costs, the average cost of unplanned IT downtime is about £600,000. When you consider the penalties for a crippled IT system, they can include the costs of time-consuming manual operation of automated features by extra staff added to the ‘reputational damage’ to an organisation in terms of brand value and customer loyalty.
Of particular concern is the estimate that 43 percent of businesses forced to close by fire never reopen. The fallout from such catastrophes can be measured by the unplanned downtime for no more than an hour of a global internet commerce and cloud computing business, which cost the company £4 million. A further sobering thought is the calculation, from industry studies, that as many as 93 percent of companies that lose their data centres for 10 days or more, due to a disaster, file for bankruptcy within one year.
The penalties from downtime can be immense, if not insurmountable. Yet, preventative strategies that effectively delivered business continuity after a fire in a serious emergency incident in Denmark could provide answers. In a recent arson attack on a Danish company its IT room and data survived unscathed, thanks to the triggering of a fire suppression system, which flooded the room with a blend of inert gases allowing the servers and network to continue as normal within an hour.
The extinguishing effect of inert gases is achieved by displacing the oxygen in the air. Assets are protected by the slow response that is typical of inert gases. In this case, nitrogen is not poisonous and is particularly well-suited for protecting highly frequented areas, while argon and carbon dioxide, which is heavier than the surrounding air, pervades the ground-level flood-area quickly and thoroughly making it more suitable for less frequented areas.
The extinguishing gases CO2, nitrogen and argon, referred to as inert gases, are colourless, non-conductive and do not leave residues. They are slow to react and do not usually result in any chemical interactions with the fire or other materials. These pure gases, which are available in our natural environment and are recommended for use in extinguishing systems, are derived largely from the air we breathe and if released do not adversely affect the environment. For procurement they have the advantage being vendor neutral and are readily available worldwide; with the choice of fire suppressant technology being driven by the category of risk protected and to meet increasingly stringent environmental and insurance criteria.
This technology is specified in environments where system continuity is critical, and fire prevention management of the highest reliability is essential, as most fires cannot be sustained with less than 15 percent Oxygen; a phenomenon of physics central to the development of inert gas automatic fire extinguishing systems.
The significant advance in digital addressable fire alarm systems means contractors and system integrators can apply the superior benefits of the technology to more solutions. Supported by high integrity fire data comms, such systems fulfil compliance criteria for traceability by their precise pinpointing of an addressable detector’s ID for both status interrogation and service and maintenance audits. Critically, these advances allow users to effectively troubleshoot the system for breaches while benefitting from analytics that permit the planning of environmental improvements that can reduce the lifecycle costs of the system.
Of course, behind these vital preventative actions lies the first line of defence configured by the network constructor whose duty, when laying the foundations of the system’s firewall, is to implement strategic security safeguards calculated to serve all stages of the life cycle of an intelligent BMS (Building Management System) . . . safeguards that not only insure against potential risk to life by rogue systems but forestall operational malfunctions and fiscal loss.
Defeating the hacktivists
So, crucially, when engaged on a system’s installation or its expansion with new devices, developers should observe the first golden rule of good practice: recognize that new products may have minimal security credentials to allow for easy system setup yet these default credentials, if not changed immediately, could be compromised by a cyber attack. Retention of factory-set passwords such as admin or user can be an open door for hacktivists bent on unauthorised access.
System integrators are storing up future problems unless default security parameters such as keys and passwords are changed before the system is launched. Strict management of system users’ confidentiality should ensure only complex multi-type passwords with more than 10 characters are assigned. Establish site security policies to ensure unique password credentials are adopted for each site. Avoid credentials shared among a group of users as traceability and accountability can be negated.
It’s thought that over 6 million new devices are connected to the internet every day, and very soon the number of devices with internet-enabled connectivity will outpace the population of the planet. This means some 4 billion internet users will be processing and storing billions of gigabytes of sensitive data each day – anywhere, anytime – each byte a digital prey for scammers.
No wonder, then, that new challenges and threats arising from IP (Internet Protocol) Convergence are likely to be foremost in the security concerns system developers must now confront. This is particularly true of fire detection and life safety systems, when IT-enabled convergence can permit, for example, the closer integration of devices such as smoke detectors and sprinkler indicators or lift alarms into a common interface for management control and monitoring throughout an entire building and its remote sites. Developers, therefore, be warned: 'If you can’t protect it, don’t connect it.'
Such cautionary advice is echoed by informed commentators on the digital age’s new vulnerabilities, graphically exposed by the recent global ransom-ware cyber-attacks, which led to network meltdown. ‘There are more sophisticated cyber-threats out there than WannaCry,’ warns one prominent national spokesman, highlighting the administrative shortcomings of his government’s departments whose firewalls abysmally failed, ‘so they need to get their act together to ensure they are better protected against future attacks."
In short, risk management is urged to review cyber-security standards of all those critical elements of national infrastructure whose remote access capabilities are under threat: facilities, systems, sites, property, information, people, networks and processes; more specifically IT operations such as 24/7 electronic data processing areas, telecommunications, internet co-location sites, logistics control areas, production machinery, broadcasting or CNI installations supporting essential archive resources, whose integrity taken as a whole designedly requires protection at all times.
Or else . . . the penalties for ignoring such routine risk audits can be the loss or compromise of critical data gathering which could result in a major detrimental impact on the availability, delivery or integrity of essential services, leading to severe economic or social consequences or, in the worst case, to loss of life.
Scalable control systems
Central to combating present-day critical threats to data centre integrity is the fundamental concept of ‘responsive adaptability’ in control panel system functionality that’s boosted by advanced ergonomic operations of interfaces that are simple and straightforward to understand for installers, commissioning engineers and end users alike. In addition, extensive easy-to-set-up configuration options reduce ergonomic risk factors and allow the programming of the system to be extensively modified with clarity at every step along the development-path. Such adaptability permits the flexible configuration of panels according to the needs of each interface, with the capability to match specific supervisory structures . . . for example, from the restricted entry-level user, through facilities management, to the maintenance engineer.
Case study: Bergen airport
A new life safety system based around Kentec’s Syncro XT+ addressable extinguishing control panel technology is installed in the new 4 billion Kroner (Euro 407m) terminal at Norway’s Bergen Flesland International Airport.
Bergen Flesland’s new terminal will treble the airport’s capacity and will include a new dedicated train line connecting Flesland to Bergen city centre. The terminal building itself will be scalable, featuring all core functions, including check-in, baggage, storage systems, security control, and departure and arrival halls on two separate levels.
Norwegian Brannslokkesystemer AS was commissioned to design and install a Novec 1230 extinguishing system, controlled by a Kentec Syncro XT+ network comprising 11 multi-area addressable extinguishant control panels with loop powered status indicator units and using Apollo communications protocol. Brannslokkesystemer AS imports, designs and assembles automatic gas extinguishing systems for the marine and land-based market throughout Norway.
Kentec 01322 222121