Cyber Security and Using OSIsoft to Become Compliant William E. McEvoy, Northeast Utilities Transmission Information Technology Business Service Manager.

Slides:



Advertisements
Similar presentations
Condition Monitoring Roles in Asset Reliability and Regulatory Compliance Dave Haerle, Los Angeles Department of Water and Power Scott Kunze, DataSplice.
Advertisements

Dream Report: Advanced Manual Data Entry
Copyright © 2006 Help Desk Systems, Inc. All rights reserved. Overview of Help Desk Systems Inc. (HDSI) HDSI offers a hosted, web based trouble ticket.
PI AF 2.1 and PI MDB Upgrade Laurent Garrigues, Product Manager Satyam Godasi, Sr. Software Developer.
December 12, Substation Business Applications using CIM / PI AF by Stephen Diebold Manager – Real Time Systems Kansas City Power & Light.
SYSTEM-WIDE PROCESS CONTROLS UPGRADE Detroit Water & Sewerage Department.
The System Center Family Microsoft. Mobile Device Manager 2008.
© 2008 OSIsoft, Inc. | Company Confidential Event Frames Initiative Update Chris Nelson Chris Coen Chris Nelson Chris Coen.
© 2009 OSIsoft, Inc. – Company Confidential 1 Empowering Business in Real Time Regional Seminar Series Presents: Jonathan Procopio, Project Engineer,
PI Server Security Bryan S. Owen Omar A. Shafie.
Dream Report: The Technical Basics Renee Sikes Applications Engineer Dream Report Brand Manager.
Xanthus Consulting International Smart Grid Cyber Security: Support from Power System SCADA and EMS Frances Cleveland
All content in this presentation is protected – © 2008 American Power Conversion Corporation Rael Haiboullin System Engineer Change Manager.
Empowering Business in Real Time. © Copyright 2009, OSIsoft Inc. All rights Reserved. Virtualization and HA PI Systems: Three strategies to keep your PI.
1 Value now. Value over time. © Copyright 2009, OSIsoft Inc. All rights Reserved. Using OSIsoft to Become Compliant James Cosgrove, Northeast Utilities.
© 2008 OSIsoft, Inc. | Company Confidential IT Application Monitoring Using PI AF and Notifications Josiah Thoen - AEP.
BS Information Systems – University of Redlands BS Information Systems – University of Redlands AS Electronic Technology AS Electronic Technology Project.
Chapter 19: Network Management Business Data Communications, 4e.
Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
1 © 2004 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID CISCO NETWORK CONNECTIVITY Center Network Connectivity Monitor 1.1.
All content in this presentation is protected – © 2008 American Power Conversion Corporation Rael Haiboullin System Engineer Capacity Manager.
Product Offering Overview CONFIDENTIAL AND PROPRIETARY Copyright ©2004 Universal Business Matrix, LLC All Rights Reserved The duplication in printed or.
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
IModus User Group 18 th September. Welcome Group Introductions Brand Update Mobilising iModus Introducing the new range Discussion - Mobilising your business.
Module 10 Configuring and Managing Storage Technologies.
.. Skytap Better Software Faster Visual Studio Industry Partner Skytap NEXT STEPS Contact us at: Insert your company description here.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
Security Ray Verhoeff Vice President – Engineering.
Lessons Learned in Smart Grid Cyber Security
Configuration Management T3 Webinar Feb 21, 2008 Chuck Larsen ITS Program Coordinator Oregon Department of Transportation.
FirstEnergy / Jersey Central Power & Light Integrated Distributed Energy Resources (IDER) Joseph Waligorski FirstEnergy Grid-InterOp 2009 Denver, CO November.
1 OCEANIA TECHNOLOGY SEMINAR 2008 © 2008 OSIsoft, Inc. | Company Confidential OCEANIA TECHNOLOGY SEMINAR 2008 Jason Cheshire Network Management Systems.
Copyright © 2002 OSI Software, Inc. All rights reserved Review 2002 Look-ahead.
Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.
Module 7: Fundamentals of Administering Windows Server 2008.
Migrating Operations Applications to PI, by Rayan Hafiz – 2005 OSIsoft User Conferences, Frankfurt.
From Compliance to Competitive Advantage Tony Fenn – OSIsoft Platform Strategist.
©2005 Aspen Technology, Inc. All rights reserved. Oil & Gas Integrated Operations using aspenONE Nick Barnett.
© 2008 OSIsoft, Inc. | Company Confidential Smart Grid, Smart Metering and DSM OSIsoft and Cisco systems Arjen Zwaag- Cisco Martin Otterson- OSIsoft.
PI Trickles Down At the Water District Emile Richard Portland Water District Portland, Maine.
Monitoring EMS Infrastructure Ann Moore San Diego Gas & Electric September 13, 2004 EMS Users Group Meeting-St. Louis.
K E M A, I N C. Ten Steps To Secure Control Systems APPA 2005 Conference Session: Securing SCADA Networks from Cyber Attacks Memphis, TN April 18, 2005.
Status Report for Critical Infrastructure Protection Advisory Group
Using PI as a Transitioning Tool to RTPM A presentation by Calpine Geothermal for the 2004 OSI Users Conference A presentation by Calpine Geothermal for.
Unit 5 CONTROL CENTERS AND POWER SYSTEM SECURITY.
Introduction to RtReports – Tony Fenn & Chris Nelson Introduction to RtReports Chris Nelson - Senior Developer Tony Fenn - Product Manager.
Topics of presentation
For 11kv substation network using technology Devices World Sdn Bhd.
© 2008 OSIsoft, Inc. | Company Confidential OCEANIA TECHNOLOGY SEMINAR 2008 PI Data Directory Ken Marsh Service Manager OSI Software Asia Pte Ltd.
1 VALUE NOW, VALUE OVER TIME © 2010 OSIsoft, Inc. | Company Confidential Empowering Business in Real Time. © Copyright 2010, OSIsoft LLC. All rights Reserved.
Technology is Integral to Corporate Culture May 8 th, 2008 H. Kevin Stogran Director - Market Operations Support OSISoft Regional Conference, Kansas City.
Analysis Framework PI AF 2.0 Foundation Project
Yokogawa Global MES Solution Centre (GMSC)
Copyright © 2007 OSIsoft, Inc. All rights reserved. Ad-Hoc Reporting Using The RtReports Web Part Tamara Carbaugh RtReports Product Manager OSIsoft, Inc.
PI in a Modern Power Plant – American National Power, Inc. PI User Conference ‘03 Presented by: Brian M. Wood, American National Power, Inc More Uses Than.
Copyright © 2002 OSI Software, Inc. All rights reserved. PI Application Framework Example Applying the Application Framework.
How AEP is Approaching the Information Management Crisis by Leveraging OSIsoft’s Suite of Tools Bill Sigmon Sr. Vice President Fossil and Hydro Generation.
Evolution of PI in an Expanding Utility’s Strategy John L. Ragone KeySpan.
2 © 2005 OSIsoft, Inc. – Company Confidential PI Utilization: Strategies for Leveraging Existing Technologies in Refining.
1 © 2008 OSIsoft, Inc. – All Rights Reserved PI T&D Users Group via LiveMeeting June 18, 2008 Transmission & Distribution Webinar PI for Asset Model and.
Sigmafine 4.3 Roberto Linares, Ph.D. Sigmafine Group Lead.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
Presented by The Emerging Role of the PI System in Caterpillar’s Condition Monitoring Service David Krenek – Global Petroleum Market Professional.
HUAWEI TECHNOLOGIES CO., LTD. Huawei Storage ISM Management Pre-sales Product Training Materials Easy and Efficient WEU IT Solution Team.
ERCOT Technical Advisory Committee June 2, 2005
NERC CIP Implementation – Lessons Learned and Path Forward
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Cybersecurity Special Public Meeting/Commission Workshop for Natural Gas Utilities September 27, 2018.
Substation Automation System
Presentation transcript:

Cyber Security and Using OSIsoft to Become Compliant William E. McEvoy, Northeast Utilities Transmission Information Technology Business Service Manager Dennis K. Kilgore, DLL Solutions, Inc. President

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 2 Fortune 500 diversified energy company located in Connecticut with operations throughout the Northeast Serving customers Connecticut, Western Massachusetts, and New Hampshire Generation, Transmission / Distribution, and Natural Gas subsidiaries Northeast Utilities - Background Electrical Distribution Service Areas

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 3 Northeast Utilities - Statistics Service Territory –11,000+ square miles –2 million+ customers Transmission & Distribution –3,000 miles of transmission lines –32,000 miles of distribution lines –513 substations

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 4 History with OSIsoft EMS Upgrade & PI Project – ’03 / ’04 –Areva EMS system upgrade CONVEX Control Center in Connecticut PSNH Control Center in New Hampshire 150 miles apart –Implement PI at each location to replace legacy historians, backfilling 5 years of data to new PI systems –Also implement PI for Transmission Business Unit “centralized” server –150,000 licensed data streams amongst 3 servers

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 5 Redundancy and Availability EMS Redundancy is required for secure operations of the Bulk Power System –Both control centers have A&B Systems EMS System Availability Statistics are critical to the management of these systems –EMS Availability commitment is 99.9% Parallel PI servers and API nodes at each site

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 6 PI in the Control Center – Log Tool

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 7 PI in the Control Center – Activity

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 8 PI in the Control Center – Station Log

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 9 PSNH SCADA PI Statistics All internal apps use web services and PI-OLEDB ~20k streams –Value & Status –Alarm & Event –SOE, using PI BatchFile auto creates tags as needed

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 10 Who is NERC? North American Electric Reliability Council –Sets standards for the reliable operation and planning of the bulk electric system –Monitors, assesses, and enforces compliance with reliability standards –Reliability standards compliance is currently voluntary, but the Energy Policy Act of 2005 will change that – soon enough…

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 11 NERC 1300 Cyber Security Standards 41 core “requirements” divided into 8 categories –~3 can benefit through this implementation –~8 must be considered for this system to be compliant Effective 1-June-2006 –Compliance assessment begins in 3Q2007 –Begin Work, Substantially Compliant, Compliant, and Auditably Compliant –Many requirements do not need to be “AC” until 3Q2010

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 12 Critical Infrastructure Protection CIP #Title / ScopeReq’s 002Critical Cyber Asset Identification4 003Security Management Controls6 004Personnel and Training4 005Electronic Security5 006Physical Security6 007Systems Security Management9 008Incident Reporting / Response Planning2 009Recovery Plans5

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 13 Assets Under NERC 1300

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 14 NU Cyber Security Initiative Kicked off it’s Cyber Security Compliance Project Team in January 2006 –Executive Sponsor –Oversight Committee –Program Manager –Critical Asset and Critical Cyber Asset Identification Teams Completed CIP-002 Requirements Kicking off CIP-003 to CIP-009 compliance teams September 2006

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 15 IT Monitor Project Objectives Provide situational awareness of PSNH ESCC infrastructure health –Network equipment, servers, desktops, RTU’s Support SCADA availability reporting Easy navigation through the information Tag and display templates to simplify on- going maintenance

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 16 Project Challenges IT vs. the world –Access to “their” equipment Security Integrity –Monitoring it without degrading it Actionable Information –You can’t watch everything all the time

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 17 SCADA Architecture

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 18 Industrial Data Center Architecture 1 PI Server –On the business LAN with the EMS PI servers –Also serves as API node for business LAN 3 API Nodes –Control Center Network –Development Network –DMZ Network ~ 6,000 data streams of IT information

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 19 IT Monitor Interfaces Being Used Performance Monitor –A single instance on each API node monitoring all computers on that network SNMP –“Managed” network devices and computers that don’t support PerfMon Ping –Simple, periodic, heartbeat metric TCP Response –Application connectivity for Web, FTP, PI, and IP Terminal Servers Windows EventLog –Security audit events and critical system messages

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 20 IT Organizer Part of the MCN Health Monitor and IT Monitor –Integrated into PI-SMT Simplifies and centralizes IT Monitor configuration –Tag and ProcessBook Display templates –Provides “Role” association capability

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 21 ProcessBook and IT Overview Links displays to network elements, greatly simplifying navigation and access to contextual information

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 22 RtAnalytics Adds Value Monitor RTU Communication Link Status –We ACE’d it! –Created a calculation that generates batches for every service interruption Create Actionable Information –Analysis Framework does the work –Red, Yellow, Green – it’s that easy

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 23 Advanced Computing Engine ACE calculation that uses PI-OLEDB provider –Parse EMS SysAct messages in PI string tag –Open / Close batches based on trigger messages Allows at-a-glance identification of what communications errors currently exist Enables analysis and reporting of overall comm. system availability, worst offenders, most intermittent, etc.

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 24 PI ACE Context Configuration Currently 7 contexts parsing messages Properties define regular expressions for message parsing, SQL ‘where clause’ filters, and start-up recovery information

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 25 Communication Outages Batches 13-Apr-06 08:05:16SCAN GROUP MNADNOCK C000 FAILED 13-Apr-06 08:05:16SCAN GROUP MNADNOCK X336 FAILED 13-Apr-06 08:05:28SCAN GROUP MNADNOCK X317 FAILED 13-Apr-06 08:05:28SCAN GROUP CHESTNUT X317 FAILED 13-Apr-06 08:05:40SCAN GROUP CHESTNUT X300 FAILED 13-Apr-06 08:05:41SCAN GROUP MNADNOCK X300 FAILED 13-Apr-06 08:05:41RTU MNADNOCK FAILED 13-Apr-06 08:06:26SCAN GROUP CHESTNUT C000 FAILED 13-Apr-06 08:07:13SCAN GROUP MNADNOCK C000 FAILED 13-Apr-06 08:07:14SCAN GROUP MNADNOCK X336 FAILED 13-Apr-06 08:07:16SCAN GROUP MNADNOCK X300 FAILED 13-Apr-06 08:07:16SCAN GROUP CHESTNUT X300 FAILED 13-Apr-06 08:07:49SCAN GROUP MNADNOCK X317 FAILED 13-Apr-06 08:07:49RTU MNADNOCK FAILED 13-Apr-06 08:07:49SCAN GROUP CHESTNUT X317 FAILED 13-Apr-06 08:08:05SCAN GROUP CHESTNUT C000 FAILED 13-Apr-06 08:08:05RTU CHESTNUT FAILED 13-Apr-06 08:39:01SCAN GROUP MNADNOCK C000 ONLINE

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 26 Accelerated InfoQuest (AIQ) Interactive OLAP Tool Flexible analysis of underlying PI data

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 27 Accelerated InfoQuest Charting

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 28 Analysis Framework to the Rescue! AF turns the IT Monitor “instrumentation” data into actionable information! Models are used to define dependent relationships and logical groupings Every computer process, network device, communication link, and PI subsystem is monitored and has a “Health Rating” tag Our custom analysis plug-in calculates a simple “Normal”, “Warning”, “Trouble” health rating Maintenance is simple configuration – no coding!

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 29 The Building Blocks of AF We defined 45 “Element Templates” –Each template is meant to describe a specific device type or process –Templates contain “Attributes” which can reference PI Points, Data Tables, or an AF Formula. –Attributes support automatic PI Point creation when new elements are created, which meets a core project objective –Templates implement “inheritance” Virtually every tag in the IT Monitor PI system is mapped to an attribute of an element

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 30 AF Templates and Elements

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 31 Element Attributes and Categories Analyzed PI values can interpolated or standard PI summary types (avg, total, min, max, delta, stdev)

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 32 Health Rating Limits Table Simple table to define the warning and trouble limits for each monitored attribute Allows the use of generic or specific matching for each element’s attributes

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 33 AF Models Over 50 “Models” The health of EVERY element and model is calculated once per minute –Each unique element is only calculated once It takes less than 9 seconds to analyze everything Excellent integration with ProcessBook!

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 34 Analysis Plug-In Configuration Analysis Mode –Best Case –Worst Case –Any Warning All Trouble –All Trouble Valid Categories –Allows selection attribute categories Analysis Parent –Defines which parent model will control execution

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 35 Health Monitoring Overview Screens

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 36 What About Compliance? NU’s approach was two fold –Meet current requirements to provide strong EMS Availability Reporting to meet ISO-NE requirements –Develop a solid baseline Critical Cyber Asset Monitoring System to be used within our control centers and with the ability to expand to field critical cyber assets.

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 37 Lessons Learned As always, standards and conventions are critical Use empirical evidence to enlist support NERC 1300 is like ISO 9000 or FDA Validation –Define a corporate standard, follow that standard, and make sure that you can prove that you followed it Compliance is a constantly moving target, so your system must be able to easily adapt with little effort

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 38 The Path Forward More SNMP, SysLog, and NetFlow data CONVEX Control Center Enhancements to AF Model and Analysis

Copyright © 2006 OSIsoft, Inc. Company Confidential. All rights reserved. 39 Thank You! Questions? Special thanks to: –Dennis Mullen, PSNH –Ken Walker, PSNH –Mark Wunderli, PSNH –Faisel Ahmed, PSNH –Phil Ryder, Accelerated Information Technologies

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.