cybersecurity -providing secure access to …...cybersecurity – providing secure access to...
TRANSCRIPT
FEDERAL UTILITY PARTNERSHIP WORKING GROUP SEMINAR
November 15‐16 2017 Ontario California
Cybersecurity ndash Providing Secure Access to Operational Data while Protecting
Industrial Control Networks Hosted by
OSIsoft - We believe People with Data can Transform their World
ldquoOSIsoft and the PI System exist to make you smarter enabling better decisions and improved
ldquoData is valuable The more data you have the more value you haverdquo Dr Patrick Kennedy Founder OSIsoft
operational and reliability excellencerdquo Christopher J Crosby Principal Advisor OSIsoft
ldquoOSIsoft delivers the information infrastructure for the operating worldrdquo David Mount Partner KPCampB and Former OSIsoft Board Member
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
About OSIsoft
copy Copyright 2016 OSIsoft LLC
Founded in
1980
Global Presence 27
Offices Worldwide
1300 Employees
65 of Global 500 Process amp Manufacturing
Makers of 1 Solution Infrastructure
The PI SystemCommercially Off-the-Shelf (COTS)
World-Class Customer Support
15000+ Installations
4000+ Customers
in 123 Countries
Power amp Utilities Oil amp Gas ChemicalPetro Metals amp Mining Pulp amp Paper Pharma Life Sciences
DatacentersFacilities DiscreteFood amp Bev Transportation
Pathfinders Over 20 of
Revenue in RampD
Privately Held Company
An Infrastructure for Digital Transformation
SMART MACHINES
SMART DEVICES
MindSphere
ENTERPRISE ANALYTICS AND
APPLICATIONS
OEM PI
PI Connectors amp Interfaces
Connected Services
PI Integrators
OSIsoft Cloud
Services
OSIsoft Marketplace
Sensors Actuators Intelligent Motor Control Controllers Terminals
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development Regulations and Standards
10CFR7354 -- ldquoProtection of digital computer and communication systems and networksrdquo NRC Reg Guide 571 -- ldquoCyber security programs for nuclear facilitiesrdquo NIST 800-53 -- ldquoRecommended security controls for federal information systemsrdquo NIST 800-82 -- ldquoIndustrial control system securityrdquo DHS Control Systems Security Program -- ldquoSecure architecture designrdquo NEI 08-09 -- ldquoCyber security plan for nuclear power reactorsrdquo NERC Critical Infrastructure Protection
Collaboration and Cooperation ndash Regulators and Industry
NRC ndash Regulator NEI ndash Industry Group
NITSL ndash Nuclear Information Technology Strategic Leadership
Nuclear Licensees
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
OSIsoft - We believe People with Data can Transform their World
ldquoOSIsoft and the PI System exist to make you smarter enabling better decisions and improved
ldquoData is valuable The more data you have the more value you haverdquo Dr Patrick Kennedy Founder OSIsoft
operational and reliability excellencerdquo Christopher J Crosby Principal Advisor OSIsoft
ldquoOSIsoft delivers the information infrastructure for the operating worldrdquo David Mount Partner KPCampB and Former OSIsoft Board Member
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
About OSIsoft
copy Copyright 2016 OSIsoft LLC
Founded in
1980
Global Presence 27
Offices Worldwide
1300 Employees
65 of Global 500 Process amp Manufacturing
Makers of 1 Solution Infrastructure
The PI SystemCommercially Off-the-Shelf (COTS)
World-Class Customer Support
15000+ Installations
4000+ Customers
in 123 Countries
Power amp Utilities Oil amp Gas ChemicalPetro Metals amp Mining Pulp amp Paper Pharma Life Sciences
DatacentersFacilities DiscreteFood amp Bev Transportation
Pathfinders Over 20 of
Revenue in RampD
Privately Held Company
An Infrastructure for Digital Transformation
SMART MACHINES
SMART DEVICES
MindSphere
ENTERPRISE ANALYTICS AND
APPLICATIONS
OEM PI
PI Connectors amp Interfaces
Connected Services
PI Integrators
OSIsoft Cloud
Services
OSIsoft Marketplace
Sensors Actuators Intelligent Motor Control Controllers Terminals
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development Regulations and Standards
10CFR7354 -- ldquoProtection of digital computer and communication systems and networksrdquo NRC Reg Guide 571 -- ldquoCyber security programs for nuclear facilitiesrdquo NIST 800-53 -- ldquoRecommended security controls for federal information systemsrdquo NIST 800-82 -- ldquoIndustrial control system securityrdquo DHS Control Systems Security Program -- ldquoSecure architecture designrdquo NEI 08-09 -- ldquoCyber security plan for nuclear power reactorsrdquo NERC Critical Infrastructure Protection
Collaboration and Cooperation ndash Regulators and Industry
NRC ndash Regulator NEI ndash Industry Group
NITSL ndash Nuclear Information Technology Strategic Leadership
Nuclear Licensees
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
About OSIsoft
copy Copyright 2016 OSIsoft LLC
Founded in
1980
Global Presence 27
Offices Worldwide
1300 Employees
65 of Global 500 Process amp Manufacturing
Makers of 1 Solution Infrastructure
The PI SystemCommercially Off-the-Shelf (COTS)
World-Class Customer Support
15000+ Installations
4000+ Customers
in 123 Countries
Power amp Utilities Oil amp Gas ChemicalPetro Metals amp Mining Pulp amp Paper Pharma Life Sciences
DatacentersFacilities DiscreteFood amp Bev Transportation
Pathfinders Over 20 of
Revenue in RampD
Privately Held Company
An Infrastructure for Digital Transformation
SMART MACHINES
SMART DEVICES
MindSphere
ENTERPRISE ANALYTICS AND
APPLICATIONS
OEM PI
PI Connectors amp Interfaces
Connected Services
PI Integrators
OSIsoft Cloud
Services
OSIsoft Marketplace
Sensors Actuators Intelligent Motor Control Controllers Terminals
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development Regulations and Standards
10CFR7354 -- ldquoProtection of digital computer and communication systems and networksrdquo NRC Reg Guide 571 -- ldquoCyber security programs for nuclear facilitiesrdquo NIST 800-53 -- ldquoRecommended security controls for federal information systemsrdquo NIST 800-82 -- ldquoIndustrial control system securityrdquo DHS Control Systems Security Program -- ldquoSecure architecture designrdquo NEI 08-09 -- ldquoCyber security plan for nuclear power reactorsrdquo NERC Critical Infrastructure Protection
Collaboration and Cooperation ndash Regulators and Industry
NRC ndash Regulator NEI ndash Industry Group
NITSL ndash Nuclear Information Technology Strategic Leadership
Nuclear Licensees
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
An Infrastructure for Digital Transformation
SMART MACHINES
SMART DEVICES
MindSphere
ENTERPRISE ANALYTICS AND
APPLICATIONS
OEM PI
PI Connectors amp Interfaces
Connected Services
PI Integrators
OSIsoft Cloud
Services
OSIsoft Marketplace
Sensors Actuators Intelligent Motor Control Controllers Terminals
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development Regulations and Standards
10CFR7354 -- ldquoProtection of digital computer and communication systems and networksrdquo NRC Reg Guide 571 -- ldquoCyber security programs for nuclear facilitiesrdquo NIST 800-53 -- ldquoRecommended security controls for federal information systemsrdquo NIST 800-82 -- ldquoIndustrial control system securityrdquo DHS Control Systems Security Program -- ldquoSecure architecture designrdquo NEI 08-09 -- ldquoCyber security plan for nuclear power reactorsrdquo NERC Critical Infrastructure Protection
Collaboration and Cooperation ndash Regulators and Industry
NRC ndash Regulator NEI ndash Industry Group
NITSL ndash Nuclear Information Technology Strategic Leadership
Nuclear Licensees
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Nuclear Industry Cybersecurity Program Development Regulations and Standards
10CFR7354 -- ldquoProtection of digital computer and communication systems and networksrdquo NRC Reg Guide 571 -- ldquoCyber security programs for nuclear facilitiesrdquo NIST 800-53 -- ldquoRecommended security controls for federal information systemsrdquo NIST 800-82 -- ldquoIndustrial control system securityrdquo DHS Control Systems Security Program -- ldquoSecure architecture designrdquo NEI 08-09 -- ldquoCyber security plan for nuclear power reactorsrdquo NERC Critical Infrastructure Protection
Collaboration and Cooperation ndash Regulators and Industry
NRC ndash Regulator NEI ndash Industry Group
NITSL ndash Nuclear Information Technology Strategic Leadership
Nuclear Licensees
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Nuclear Industry Cybersecurity Program Development
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Nuclear Industry Cybersecurity Program Development
Empowering Business in Real-Time copy Copyright 2015 OSIsoft LLC
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Exelon Nuclear Advanced Performance Monitoring
Empowering Business in Real-Time copy Copyright 2014 OSIsoft LLC
On-Line Monitoring
Analytical Tool Diagnostic
Advisor
Asset Fault Signature
System Performance Monitoring Plans
Wireless Sensors
Exel
on N
ucle
ar F
leet
Plant IQ Tech Exam
Remaining Useful Life
Advisor
PI System
Transformer Data
Chemistry Data
PDM Database
Wired Sensors
Other Testing Data
(Surveillance Electrical
Testing etc)
7
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Exelon Nuclear Architecture
copy Copyright 2016 OSIsoft LLC 8
Business System Interfaces
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Proprietary Information copy Copyright 2014 by Waterfall Security Solutions
reg
9
Unidirectional Security Gateways
Hardware-enforced security
Laser in TX photocell in RX fibre-optic cable ndash you can send data out but nothing can get back in to protected network
TX uses 2-way protocols to gather data from protectedindustrial network
RX uses 2-way protocols to publish data to externalcorporate network
- Used with Permission
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Utility Control Systems
SCADA
Advanced Meter Infrastructure
Building Control Systems
Installation Level
Secure technology platform that enables data exchange at all touch-points and hosts Smart
Grid analytics
Facility and Energy Operations Center (FEOC)
Navy Smart Grid ndash Andy Knox Naval Facilities Engineering Command August 15th 2017 (EE)
Platform Enclave Navy-UMCS
A regionally centralized cyber secure monitoring and control system that analyzes building energy and utility data to generate actionable information or automatically
adjust energy usage Regional Level
Facility amp Utility Level
Secure ConnectionFiber
Energy Exchange Connect bull Collaborate bull Conserve Modified by OSIsoft for Presentation Purposes
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Smart Grid in the Navy ndash Andy Knox
Navyrsquos Smart Grid Program will deploy and sustain smart grids at all nine regionally-based locations
Energy Exchange Connect bull Collaborate bull Conserve
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Challenges and Lessons Learned ndash Andy Knox
bull Cyber security ndash diverse control system accreditation
bull Connection and integration of advanced metering infrastructure building and utility control systems enables broader visibility
bull Centralized analytic capability with actionable information accessible at field level
bull Operations requiring coordination across traditional work units
Energy Exchange Connect bull Collaborate bull Conserve
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Success Factors in the Transfer of Commercial Cybersecurity Experience to Defense
bull Leverage COTS (ATO expected before end of year) bull Leverage Commercial sector experience and industry investment (nuclear industry alone estimated at $1B over last six years)
bull Involve NEC (Federal IT folks) early bull Find Operational Technology (OT) experience with deep expertise in IT systems and networking technology
bull Understand RMF process (lifecycle management establish and maintain a lsquoprocessrsquo ‐ not a lsquoprojectrsquo)
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA
Please wait for the microphone before asking your questions
State your name amp organization
Chris Crosby Principal Advisor Business Transformation ccrosbyosisoftcom Cell +1-843-323-2570
OSIsoft LLC
Federal Utility Partnership Working Group November 15‐16 2017 Ontario CA