Orlando Utilities Commission Cyber Security and Efficient Management of Grid Edge Devices Project
Vložit
- čas přidán 29. 08. 2024
- SANS ICS Security Summit 2023
Orlando Utilities Commission Cyber Security and Efficient Management of Grid Edge Devices Project
Speaker: Bob Anderson, Communications Tech III , Orlando Utilities Commission Jim Atkins, Account Manager, Eastern Region North America, SUBNET Solutions
Orlando Utilities Commission's (OUC) namesake is "the Reliable One" due to their ongoing commitment to providing OUC customers with the most reliable electricity supply available. A reliable grid requires strong cybersecurity and OUC has embarked on a project to secure remote engineering access and remote work execution for their substation devices. NERC CIP compliance is required for a small portion of OUC's substation infrastructure but OUC's cybersecurity initiative is to secure all OUC substation infrastructure to these same stringent standards. To reduce NERC CIP audit requirements, OUC will utilize two independent systems so as to manage NERC CIP Bulk Electric System (BES) assets separately from non-BES assets. OUC implements many different vendor's products for their projects and continues to pursue a "best in class" mindset when selecting vendors. OUC needs to be able to do more: To more efficiently manage more devices, from more different vendors, for more grid projects, with more cybersecurity threat vectors to address. OUC's security solution will provide Role Based Access Control (RBAC) and layer on Function Based Access Control (FBAC) to provide the greatest level of security to remote users. RBAC and FBAC security are provided by the user only being granted device access to an authorized device and only provided the access needed within the vendor's software based on their Active Directory credentials. OUC needs their device management system to know that each device has the correct firmware and settings, which allows OUC to baseline all their devices to secure proper grid operation. Password management capability is also part of OUC’s device management and security project and provides for a zero-trust environment where passwords are automatically scrambled after every user’s interface to a grid edge device. OUC needs their projects to also save money and securing remote access to substation devices does just that. Reducing or eliminating the need to travel to the substation is a project goal. OUC was often travelling to a substation to acquire outage information and a reduction in these truck rolls is welcomed. Cost savings are also realized by rapidly acquiring outage information and automatically notifying users versus the very manual and costly efforts OUC had in place for acquiring event data. Now OUC automatically and securely acquires event data within just a few minutes allowing targeting of event location and phase therefore reducing the need to drive the whole line. Overall, the project to secure OUC’s remote engineering access has proven to enhance OUC’s cybersecurity posture, improve OUC’s workforce efficiency, reduce costs, speed outage management and secure grid operations. The presentation will provide details of OUC’s business drivers, technical considerations, project implementation and key benefits realized by this project.
View upcoming Summits: www.sans.org/u/DuS
🤭 Promo-SM