Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2011 EnerNex. All Rights Reserved. www.enernex.com Lemnos Interoperable Security Project Background and Benefits 8/11/2011.

Published byPrudence Briggs Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2011 EnerNex. All Rights Reserved. www.enernex.com Lemnos Interoperable Security Project Background and Benefits 8/11/2011."— Presentation transcript:

1 © 2011 EnerNex. All Rights Reserved. www.enernex.com Lemnos Interoperable Security Project Background and Benefits 8/11/2011

2 © 2011 EnerNex. All Rights Reserved. www.enernex.com Energy Sector Challenges  Security of the control systems utilized in the energy sector is more IMPORTANT than ever before as control system are evolving rapidly – Increasing use of Ethernet and IP communications Increased attack surface – Connections to external systems Supports changing operational and business needs – New and emerging regulatory requirements 2

3 © 2011 EnerNex. All Rights Reserved. www.enernex.com Energy Sector Challenges  Implementing Security is more COMPLICATED than before – End Users are faced with limited security expertise It shouldn’t take a security expert to configure a device properly! – Vendors need alternatives to proprietary solutions – End Users and Vendors need a straight forward method to communicate user needs, product features, and configuration parameters relating to cyber security functions 3

4 © 2011 EnerNex. All Rights Reserved. www.enernex.com Lemnos Project Background  Funded by DOE under the Cybersecurity for Energy Delivery Systems (CEDS) Research and Development Program  Ultimate goal is to make interoperability of devices supporting cyber security functions less difficult to the end users – Often labor intensive and requiring extensive security expertise by the end user – Installed configurations often different for various vendor pairs  Lemnos emphasizes the development and use of a common set of configuration parameters

5 © 2011 EnerNex. All Rights Reserved. www.enernex.com 5 Define functional requirements based on asset owner needs STEP 1 Select open source specifications (IETF RFCs) to meet the identified functional requirements STEP 2 Develop Interoperable Configuration Profiles for these specifications tailored for the energy sector control systems environment Test and validate the interoperable configuration profiles STEP 3 STEP 4 Lemnos Process

6 © 2011 EnerNex. All Rights Reserved. www.enernex.com Lemnos Project Partners  EnerNex (Prime Contractor to DOE)  Sandia National Laboratories (FFRDC) – Directly funded by DOE  Tennessee Valley Authority (Utility/End User)  Schweitzer Engineering Laboratories – Sub contractor to EnerNex 6

7 © 2011 EnerNex. All Rights Reserved. www.enernex.com Participating Vendors and R&D  Participating Vendors To Date – Cisco – Encore Networks – GarrettCom – Industrial Defender – N-Dimension – Phoenix Contact – Ruggedcom – Siemens  Participating R&D Organizations – Electric Power Research Institute (EPRI)

8 © 2011 EnerNex. All Rights Reserved. www.enernex.com Current Lemnos Project Status  Security functions and protocols identified to date – Messaging (Syslog) – Centralized Authentication (LDAP) – Secure channel (IPsec) – Secure remote access (SSH)  Lab testing and field testing continues  DOE funding ending this year – Potential private sector sponsorship in the future – Looking for utility input to identify priorities 8

9 © 2011 EnerNex. All Rights Reserved. www.enernex.com End User Perspective  Enables End Users to choose BEST IN CLASS solutions for various facilities (versus a “one size fits all”) – For example, an electric utility may have unique needs for: -Communications Hub/Control Center -Generating Plant DCS -Substation LAN -Outdoor and Pole top  Reduction in setup/deployment time and effort – Lower Total Cost of Ownership  Reduction in configuration errors  Communicates equipment requirements 9 Lemnos Benefits

10 © 2011 EnerNex. All Rights Reserved. www.enernex.com Vendor Perspective  Permits shortened development cycle by providing reference design – OPSAID reference design available to public  Uses configurations proven in lab and field to secure control system communications in a way that doesn’t trade off reliability  Enhances the vendor’s ability to meet the customer’s needs – Provides a common understanding between customer and vendor 10 Lemnos Benefits

11 © 2011 EnerNex. All Rights Reserved. www.enernex.com Moving Forward  Challenges for Cybersec-Interop TF after handoff from Lemnos – Versioning of the ICPs Moving forward, options in the IETF RFC’s will become deprecated to maintain alignment with NISTIR 7628 and other industry guidance Difficult to maintain backwards compatibility Interoperability may be at the ICP version level – Certification and Conformance Additional details needed in ICPs? 11

Download ppt "© 2011 EnerNex. All Rights Reserved. www.enernex.com Lemnos Interoperable Security Project Background and Benefits 8/11/2011."

Similar presentations

Migration Considerations and Techniques to MPLS-TP based Networks and Services Nurit Sprecher / Nokia Siemens Networks Yaacov Weingarten / Nokia Siemens.

Migration Considerations and Techniques to MPLS-TP based Networks and Services Nurit Sprecher / Nokia Siemens Networks Yaacov Weingarten / Nokia Siemens.
Join Us Now at: Enabling Interoperability for the Utility Enterprise And TESTING.

Join Us Now at: Enabling Interoperability for the Utility Enterprise And TESTING.
SYSTEM-WIDE PROCESS CONTROLS UPGRADE Detroit Water & Sewerage Department.

SYSTEM-WIDE PROCESS CONTROLS UPGRADE Detroit Water & Sewerage Department.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
(c) 2003, SOHOware, Inc. Proprietary and Confidential Your OEM Partner for Intel XScale based Networking Appliances Targeting Small and Medium Business.

(c) 2003, SOHOware, Inc. Proprietary and Confidential Your OEM Partner for Intel XScale based Networking Appliances Targeting Small and Medium Business.
UCAIug HAN SRS v2.0 Summary August 12, 2010. 2 Scope of HAN SRS in the NIST conceptual model.

UCAIug HAN SRS v2.0 Summary August 12, Scope of HAN SRS in the NIST conceptual model.
NERC CIPC March 16, 2006 Roadmap to Secure Control Systems in the Energy Sector U.S. Department of Energy Office of Electricity Delivery and Energy Reliability.

NERC CIPC March 16, 2006 Roadmap to Secure Control Systems in the Energy Sector U.S. Department of Energy Office of Electricity Delivery and Energy Reliability.
© 2006 San Diego Gas & Electric Company. All copyright and trademark rights reserved. Microgrid – A Smart Grid Alternative Service Delivery Model? Thomas.

© 2006 San Diego Gas & Electric Company. All copyright and trademark rights reserved. Microgrid – A Smart Grid Alternative Service Delivery Model? Thomas.
SmartGridCity™: A blueprint for a connected, intelligent grid community Presented to the Utah Public Service Commission May 13, 2009.

SmartGridCity™: A blueprint for a connected, intelligent grid community Presented to the Utah Public Service Commission May 13, 2009.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
September 20, 2002G2E 2002 GSA Technical Forum1 Best Of Breed (BOB) Standard.

September 20, 2002G2E 2002 GSA Technical Forum1 Best Of Breed (BOB) Standard.
Continuous Value Enhancement Process

Continuous Value Enhancement Process
Levetidsforlengelse av Existerende felt Oppgradering av kontrollsystemer subsea Erfaringer og losninger fra Tordis og Vigdis February 8 th 2012.

Levetidsforlengelse av Existerende felt Oppgradering av kontrollsystemer subsea Erfaringer og losninger fra Tordis og Vigdis February 8 th 2012.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Benefits of Energy R&D Presented to the Conference on Estimating the Benefits of Government-Sponsored Energy Technology R&D March 4, 2002 Margie.

Security Benefits of Energy R&D Presented to the Conference on Estimating the Benefits of Government-Sponsored Energy Technology R&D March 4, 2002 Margie.
By Lauren Felton. The electric grid delivers electricity from points of generation to consumers, and the electricity delivery network functions via two.

By Lauren Felton. The electric grid delivers electricity from points of generation to consumers, and the electricity delivery network functions via two.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
Michael S. Zachowski, Robert D. Walla Astrix Technology Group 1090 King Georges Post Rd Edison, NJ 08837 A Successful Approach to a LIMS Upgrade In A Public.

Michael S. Zachowski, Robert D. Walla Astrix Technology Group 1090 King Georges Post Rd Edison, NJ A Successful Approach to a LIMS Upgrade In A Public.
Advanced Metering Infrastructure

Advanced Metering Infrastructure
Join Us Now at: Enabling Interoperability for the Utility Enterprise And TESTING.

Join Us Now at: Enabling Interoperability for the Utility Enterprise And TESTING.

Similar presentations

Ads by Google