- 1. Remote Monitoring and Control of Substations Where do RMAC,
NERC, FERC, and CIP5 Collide? Dwight Linn CEO FAE Telecom
- 2. NERC CIP Regulations: Framing the Discussion How does this
impact my utility? What is the minimum I need to do? What are other
utilities doing? What are the industry best practices? Where is my
investment best spent? How will the CIP evolve? How can I take
advantage of the new regulations?
- 3. U.S. Electric Grid: Current Condition 150,000 Substations
Electric grid soft spot Critical impact Relatively easy impact
Large number of targets Long lead time to replace Difficult to
repair Highly interconnected Diagram courtesy of Congressional
Research Service. Sources: GIS data from Platts, HSIP Gold 2013
(Ventyx), and ESRI.
- 4. Common Vulnerabilities
- 5. The Evolution of Critical Infrastructure Protection
Requirements External Threat Profiles Social Engineering Physical
Attack Non-Compliance Fines Cyber Attack Utility Systems People
Facilities Processes Technology Internal Threat Profiles
Disgruntled Staff Sabotage Reputation Data Manipulation Responding
requires planned and coordinated efforts across the
organization
- 6. Spirit and Intent of NERC CIP Protect, deter potential
threats to utility facilities, substations, and control centers
that if rendered inoperable or severely damaged could result in
widespread instability, uncontrolled separation, or cascading
failures within an interconnection
- 7. Related Definitions BES Cyber Asset: Within 15 minutes of
its required operation, misoperation, or nonoperation, adversely
impacts one or more facilities, systems, or equipment. Affects the
reliable operation of the Bulk Electric System Each BES Cyber Asset
is included in one or more BES Cyber Systems. BES Cyber System: One
or more BES Cyber Assets Logically grouped Perform one or more
reliability tasks
- 8. Related Definitions Control Center: One or more facilities
hosting operating personnel that monitor and control the BES in
real time: A Reliability Coordinator A Balancing Authority A
Transmission Operator for Transmission Facilities at two or more
locations A Generation Operator for generation Facilities at two or
more locations
- 9. Reality of Current Environment Diversity and Amount of
Equipment at the Remote Site Complexity at the Remote Site Avoid
Outages Restore Outages Do More with Less Disaster Preparedness
Theft Prevention Network Security Managing Costs NERC/FERC/CIP
- 10. FAE methods Life Cycle Management Overview Physical Design
Construct Code Testing Requirements Logical Design Feasibility
Support Deployment Training
- 11. NETWORK ARCHITECTURE MATTERS Start with the Physical layer
first For Fiber-based: DWDM/CWDM and SONET Rings Metro/Regional
Core Network Core Access Network OC-192 to OC-768 OC-48 to OC-192
OC-3 to OC-48 Network Criteria for Next Generation Networks
Continuous Bandwidth Growth from IP traffic Upgrade without Service
Interruption all parts Gradual Investment Scale cost with Demand
Network Convergence on Triple Play: Voice, Video, Data
- 12. 22 of data ARCHITECTURE MATTERS TO DATA FLOW Clear traffic
demarcation: IT SCADA Substation Automation Traffic Isolation
Troubleshooting easier More precise Moves/Adds/Changes standardized
Services/Applications scale Optimal route selection More
deterministic Load balancing more effective Clustering of resources
and performance simplified
- 13. ARCHITECTURE MATTERS TO SEC OPS CIP-007 Methods, processes,
and procedures Ensure changes to systems and assets within an ESP
do not weaken security Compliance requirements Readily mapped
Audited Clearly define ESP entry and exit points Uniform network
transport services like encryption, Remote Access for ESP devices
Identifiable Controllable
- 14. HOW ARCHITECTURE HELPS COMPLIANCE CIP-010 Configuration
Change Management New standard with both new and relocated
requirements Baseline configurations Pre-change testing Configuration
monitoring
- 15. Network and Operations under control? Data leakage still
happens! Hard to control drive-by HD photography Partner projects
may be completed, what happens to project data? Even
well-intentioned information usage can be a problem
- 16. Distributed Intelligence Resides at the site Collects and
processes information Notify/Reports status To multiple management
systems To appropriate person by email or text Makes decisions
Takes action Reports network performance/availability User access
audit trail Network security
- 17. Summary Regulations newly issued have evolved over years of
increased emphasis on protecting critical infrastructure.
Effectively meeting the regulations is more than just checking a
box; it requires careful consideration of how to implement an
appropriate level of protection. No utility can ensure 100%
protection. Plan to deter threats, mitigate vulnerabilities, and minimize
consequences. A measured, programmatic approach: the most effective
response to meeting CIP requirements will involve many different
areas of your operation.
- 18. Thank you Questions? Dwight Linn DwightL@FAETelecom.com
Booth 235 Expo