Instrumentation, Controls, and Automation - Program 68
|
|
- Victor Weaver
- 5 years ago
- Views:
Transcription
1 Instrumentation, Controls, and Automation - Program 68 Program Description Program Overview Power generators need to improve their ability to detect damage to plant equipment while preserving the focus of skilled instrumentation and controls (I&C) staff on plant operations and system performance. Additional sensors are needed to improve equipment condition monitoring, enabling optimization of maintenance tasks. Control systems have evolved from analog to digital, with new technologies to improve plant performance and operational effectiveness. The Electric Power Research Institute s (EPRI s) Instrumentation, Controls, and Automation program (Program 68) identifies, develops, and demonstrates state-of-the-art sensing, monitoring, diagnostics, and control system technologies that improve equipment condition assessment and plant performance, and help accurately measure critical plant variables. Research Value Maintaining the availability of existing power generating plants and enhancing the performance of future plants are critical to the future generation portfolio. EPRI s Operations and Maintenance programs address the key issues of operational effectiveness, safety, reduction of maintenance costs, and technical support for the next generation of plant staffs. The program focus is on providing integrated solutions that address the needs for processes, technologies, and skilled workers, allowing program members to: Reduce costs through greater automation in tuning of process controls and operating point transitions. Improve reliability through integrated anomaly detection, diagnostics, and prognostics. Improve reliability through more effective equipment monitoring, made possible through collaborative R&D. Approach Products developed by this program provide guidance through technical reports, guidelines, process specifications, webcasts, seminars, and workshops on research projects. Program activities address the identification, development, and transfer of new technology, and help optimize the use of existing instrumentation and control equipment, which can cost-effectively improve plant performance. Technology development and demonstration projects address critical aspects of fossil plant instrumentation and control systems, including advanced controls, automation, improved loop tuning, and equipment diagnostics. Applied research is conducted in collaboration with host sites at member utilities, expert consultants, universities, laboratories, and equipment vendors. The focus includes cyber security best practices to address industry standards; accurate detection and mitigation of equipment damage; increasing plant operational efficiency through the development and demonstration of control system improvements; and improved tuning processes that save time and improve consistency and staff knowledge capture. Technology Transfer projects provide peer-to-peer information exchange and written guidance on member-selected subjects, including online monitoring, sensors and instrumentation, controls, and automation. Fleet-Wide Monitoring Interest Group (FWMIG) meetings are held twice a year, and I&C interest group meetings are held once annually. Meeting materials including presentations, minutes, and other related files are distributed to all participants. The Instrumentation and Control Guideline addresses a member-selected topic annually. p. 1
2 Accomplishments Successful implementation of online and automated monitoring technology for equipment condition assessment requires applied research conducted in collaboration with universities, laboratories, and equipment vendors. Field demonstrations of technology at operating plants have included combined-cycle plant automation, equipment startup automation, advanced control, and automatic tuning. The R&D in this program has provided: Successful Fleet-Wide Monitoring Interest Group (FWMIG), with more than 20 member organizations; Guidelines on instrument calibration data analysis, control loop tuning, and control loop performance monitoring; reports documenting field demonstrations of new technologies relating to advanced control algorithms, automated controls tuning, multiloop controls tuning, and application of model predictive controls; and reports documenting field demonstrations of sensors, wireless data transmission, and advanced anomaly detection algorithms. Current Year Activities The program R&D for 2012 will focus on using instrumentation and control system capabilities for improving operational flexibility, efficiency of critical control loops, and control system cyber security. Specific efforts will include: report documenting best practices for establishing and operating a cyber security program for control systems; Continuation of the Fleet-Wide Monitoring Interest Group; and report that will serve as a guideline for instrumentation and control processes key to operations and maintenance in power generating plants. Estimated 2012 Program Funding $0.9M Program Manager Aaron Hussey, , ahussey@epri.com Summary of Projects Project Number Project Title Description P Technology Development and Demonstrations This project supports optimization of plant instrumentation and control systems, including cyber security, sensors, wireless technology, equipment diagnostics, advanced controls, automation, and improved loop tuning. P Technology Transfer Successful implementation of online monitoring technology and instrumentation, controls, and automation (ICA) technology requires peer-to-peer interaction among power producers and formal interaction with vendors. Instrumentation, Controls, and Automation - Program 68 p. 2
3 P Technology Development and Demonstrations (069177) Key Research Question Many experienced instrumentation and control system experts in the industry are approaching retirement age, and less-experienced staff members are assuming their duties. At the same time, equipment is aging, plants are operated more aggressively than originally designed, and the industry is preparing for compliance with cyber security standards. Accurate detection and mitigation of damage, using existing control capabilities for flexible operations, and implementing cyber security program best practices are critically important for plant instrumentation and control systems. Approach This project develops and demonstrates plant instrumentation and control system technologies to solve today's critical industry issues. Modern control systems include a suite of technology capabilities that can be used to mitigate equipment damage and improve efficiency of operations. Applied research is conducted in collaboration with host sites at utility members, expert consultants, universities, laboratories, and equipment vendors. Field demonstrations of technologies at operating plants include wireless sensor networks, equipment fault diagnostics, combined-cycle plant automation, equipment startup automation, advanced control, and automatic tuning. The research and development effort in 2012 and future years will focus on: Increasing plant operational flexibility and efficiency through the demonstration and evaluation of control system optimization technology, such as use of model predictive control and automated tuning methods; Improving control system cyber security by collecting and sharing best practices in establishing and operating cyber security programs that address industry standards, and; Improving equipment condition monitoring and diagnostics activities through addition of sensors, wireless networking, use of controls data, and integration of component degradation knowledge in online monitoring systems. Impact Instrumentation, controls, and automation technology R&D can improve plant staff knowledge and provide costeffective evaluations of state-of-the-art technologies prior to full-scale implementation. Some examples of technology developments and demonstrations include: Automation of equipment and processes improves the consistency of startups/shutdowns, helps capture expert knowledge, and reduces equipment damage. Improved control system performance leads to more responsive plant operation, better efficiency, reduced emissions, and reduced likelihood of damaging temperature transients. Multiloop tuning methods result in significantly better control systems performance and lead to better, more robust tuning of boiler control systems. Automation of control system tuning methods improves consistency and enables the expertise of control engineers to be applied on a broad scale. Wireless sensor networking can reduce the cost of installation of additional sensors, enabling more effective detection of critical equipment failure modes. Experience gained through this research will be directly applicable to both existing plants and new plant designs, enabling more effective application of online monitoring technology to create "smarter" components. How to Apply Results End users of this research include system engineers and owners, instrumentation and controls engineers, centralized monitoring staff, and technicians at fossil power plants. Some technology results will be published in the form of technical reports, guidelines, and process specifications that specify the proper approach for implementation of instrumentation, controls, and automation technology. Other technology results will be delivered as spreadsheets, databases, and presentation materials for quick review capability and ease of use. Instrumentation, Controls, and Automation - Program 68 p. 3
4 Without this documented guidance, benefits of applying instrumentation, controls, and automation technology may not be realized to the full potential. In addition, key research results will be communicated periodically through webcasts, teleconferences, and face-to-face meetings Products Product Title & Description Cyber Security Best Practices for Instrumentation and Control Systems: This project will begin a study on cyber security programs that utilities are implementing to meet industry standards. The focus is to identify and document industry best practices in mitigating security risks to I&C systems. Monitoring and Test Methods to Identify Pulverizer Response Problems: This project will complete the second year of study of the impact of pulverizer performance on load response and identify a mechanism to easily test a pulverizer online to determine its responsiveness (or change in responsiveness). Results will be used to determine if the pulverizer needs maintenance or if the control system needs tuning. Using Control Methods to Accommodate Changing Coal Quality: Coal quality variation from coal blending and other mechanisms causes process variations for which the boiler controls were not originally tuned. Advanced control technology, including adaptive control, might help to consistently control boiler systems within given constraints when changes to fuel heating value, moisture, and other characteristics occur. This study will investigate controls solutions for this problem and collaborate with other related research programs. Planned Completion Date Product Type 12/31/12 Report 12/31/12 Report 12/31/12 Future Year Products Product Title & Description Optimizing Sensor Placement to Infer Spatial Patterns: Optimal placement of heat flux and oxygen sensors in boilers is a key determination, often based on access and cost considerations. However, the most optimal placement could be determined through proper modeling for spatial patterns that can be measured through an optimized number of sensors. Using Control Methods to Accommodate Changing Coal Quality: Coal quality variation from coal blending and other mechanisms causes process variations for which the boiler controls were not originally tuned. Advanced control technology, including adaptive control, might help to consistently control boiler systems within given constraints when changes to fuel heating value, moisture, and other characteristics occur. This study will investigate controls solutions for this problem and collaborate with other related research programs. Drum Level Control Solution for Combined-Cycle Startups: During startup, closing the feedwater valves is not always sufficient to prevent high levels in the drum. As a result, operators anticipate this problem and lower the level setpoint with the hope of preventing water carryover. This project would investigate a control or automation solution to this problem. Drum Level Control Solution for Combined-Cycle Startups: During startup, closing the feedwater valves is not always sufficient to prevent high levels in the drum. As a result, operators anticipate this problem and lower the level setpoint with the hope of preventing water carryover. This project would investigate a control or automation solution to this problem. Planned Completion Date 12/31/13 Product Type 12/31/13 Report 12/31/13 12/31/14 Report Instrumentation, Controls, and Automation - Program 68 p. 4
5 Product Title & Description Optimizing Sensor Placement to Infer Spatial Patterns: Optimal placement of heat flux and oxygen sensors in boilers is a key determination, often based on access and cost considerations. However, the most optimal placement could be determined through proper modeling for spatial patterns that can be measured through an optimized number of sensors. Planned Completion Date Product Type 12/31/14 Report P Technology Transfer (065777) Key Research Question Plant owners demand more efficient operation and effective maintenance to reduce production costs and improve availability. Successful implementation of online monitoring technology and instrumentation, controls, and automation (ICA) technology requires peer-to-peer interaction among power producers and formal interaction with vendors. Technology gaps must be identified by end users to guide development and demonstration efforts. Approach Held twice a year, Fleet-Wide Monitoring Interest Group (FWMIG) meetings offer open peer-to-peer information exchanges and formal presentations by vendors on member-selected subjects. Meeting materials including presentations, minutes, and other related files are distributed to all participants. The FWMIG will guide EPRI projects on centralized online monitoring and diagnostics technology. A technical update, Instrumentation and Controls Guideline, is issued annually on member-selected topics. These topics may include instrumentation, calibration, controls, automation, sensors, online monitoring, and wireless technology. The focus of these reports is on best practices in the electric utility and other industries. As funding permits, assessments of emerging technologies and their early adoption in power-producing facilities is conducted through webcasts and documentation in the form of technical updates. Additional peer-to-peer exchange of ICA topics takes place during interest group meetings held in conjunction with industry conferences, or at host sites/epri facilities as funding permits. Newsletters are published, and webcasts are presented as necessary to communicate key technology transfer activities and progress on projects. Impact Peer-to-peer information sharing improves technology implementation in emerging areas, such as online monitoring and ICA technology. Collaboration among utility members, vendors, and researchers results in more effective technology development. Sharing experiences from early technology adoption in other industries benefits power producers. How to Apply Results End users of this research include system engineers and managers, control systems engineers, and technicians at fossil power plants. Interest group meetings are held periodically to enable open information exchange among members in key strategic areas affecting utilities. ICA technology guidelines are published in the form of technical update reports and are used as guidance when reviewing or improving key plant ICA processes. Key research results are communicated periodically through webcasts. Instrumentation, Controls, and Automation - Program 68 p. 5
6 2012 Products Product Title & Description Instrumentation, Controls, and Automation Interest Group Meeting: This meeting is held annually in response to I&C staff needs. The group will follow a similar format to other interest groups with a focus on technology discussions, peer sharing of best practices, and discussion of industry issues that can be addressed through I&C research. Fleet-Wide Monitoring Interest Group Meetings: The group meets twice annually (typically in May and October) to discuss challenges and solutions related to the implementation of on-line monitoring technology. Topics discussed include thermal performance monitoring, equipment condition assessment, data integration, and technology gaps. Planned Completion Date 12/31/12 12/31/12 Product Type Instrumentation and Controls Guideline: 2012 Topical : This guideline is updated annually with at least one new topic as voted on by the program advisory committee. The topic will be reviewed, and potential and proven industrial applications will be identified and documented. 12/31/12 Future Year Products Product Title & Description Instrumentation and Controls Guideline: 2013 Topical : This guideline is updated annually with at least one new topic as voted on by the program advisory committee. The topic will be reviewed, and potential and proven industrial applications will be identified and documented. Fleet-Wide Monitoring Interest Group Meetings: The group meets twice annually (typically in May and October) to discuss challenges and solutions related to the implementation of on-line monitoring technology. Topics include thermal performance monitoring, equipment condition assessment, data integration, and technology gaps. Instrumentation, Controls, and Automation Interest Group Meeting: This meeting will be held once annually in response to I&C staff needs. The group will follow a similar format to other interest groups with a focus on technology discussions, peer sharing of best practices, and discussion of industry issues that can be addressed through I&C research. Instrumentation and Controls Guideline: 2014 Topical : This guideline is updated annually with at least one new topic as voted on by the program advisory committee. The topic will be reviewed, and potential and proven industrial applications will be identified and documented. Fleet-Wide Monitoring Interest Group Meetings: The group meets twice annually (typically in May and October) to discuss challenges and solutions related to the implementation of on-line monitoring technology. Topics discussed include thermal performance monitoring, equipment condition assessment, data integration, and technology gaps. Instrumentation, Controls, and Automation Interest Group Meeting: This meeting will be held once annually in response to I&C staff needs. The group will follow a similar format to other interest groups with a focus on technology discussions, peer sharing of best practices, and discussion of industry issues that can be addressed through I&C research. Planned Completion Date 12/31/13 12/31/13 12/31/13 12/31/14 12/31/14 12/31/14 Product Type Instrumentation, Controls, and Automation - Program 68 p. 6
7 Fleetwide Monitoring Interest Group (063807) Supplemental Projects Background, Objectives, and New Learnings The Fleet-Wide Monitoring Interest Group (FWMIG) was formed to enable open information exchange between utility members, vendors, and researchers on all aspects of fleet-wide monitoring. Topics covered by this interest group include equipment condition monitoring, thermal performance monitoring, operations and maintenance (O&M) effects of a fleet-wide approach, cost-benefit analysis, and ongoing discussions on R&D and technology gaps. Project Approach and Summary The FWMIG meets twice per year, with participants representing utilities, vendors, universities, and EPRI. Meeting topics include updates on activities in other industries as well as monitoring applications within the power industry. Participants present the latest progress made in fleet-wide monitoring implementations. The meeting agenda also includes a member roundtable to discuss open issues in the application of fleet-wide monitoring tools. As part of the roundtable, gaps that can be addressed by research projects are discussed. These gaps will be formulated into additional supplemental projects with specific scopes and approaches, which will be carried out separately from the interest group. A website bulletin board will provide a forum for correspondence among members as well as an archive of meeting materials and links to related projects. Benefits Unplanned and/or corrective maintenance of power industry equipment remains one of the most significant O&M expenses, sometimes resulting in unplanned outages and reduced financial margins due to increased replacement electricity costs. Online equipment condition monitoring can provide early warning of potential failure by detecting incipient leading indicators of equipment degradation via powerful signal processing applied to existing instrumentation. EPRI's role in fleet-wide monitoring is to bring its knowledge of equipment reliability and understanding of equipment failure modes and effects to participants of this interest group. The objective is for equipment condition monitoring software to be applied on a fleet-wide basis to move it closer to a "plug and play" mode of operation. This advancement should measurably reduce maintenance efforts and costs, improve reliability, and increase customer and investor confidence. Instrumentation, Controls, and Automation - Program 68 p. 7
8 HRSG Damage Reduction through Improved Controls (072046) Background, Objectives, and New Learnings Many combined-cycle units are cycling much more than anticipated in the original design basis. Problems resulting from increased cycling include accelerated component failure rates and additional incremental fuel cost. In combined-cycle units, as with coal-fired units, superheat and reheat spray attemperation introduces the potential for serious component degradation and failures in piping, headers, and tubes. On many combinedcycle units, the superheater (SH) and reheater (RH) controls strategies are based on designs long used in coalfired plants. Due to the faster response time of combustion turbines, these control design philosophies are not necessarily adequate, in particular in those that do frequent cycling. As a result, a significant number of heat recovery steam generator (HRSG) failures have been experienced worldwide that have at least been attributed partly to inadequate attemperation control. The primary objective of this project is to investigate and implement advanced instrumentation and control (I&C) strategies to mitigate the adverse impacts of inadequate steam temperature control. This research will include thorough investigations of control strategies and instrumentation and control hardware and their overall effects on steam temperature control performance, followed by implementation and evaluation. Project Approach and Summary To meet the overall objective of this project, the following approach is envisioned: 1. Document existing controls and their performance 2. Identify candidate I&C improvements 3. Perform detailed design of identified improvements 4. Implement identified improvements 5. Test and evaluate benefits 6. Document the entire effort in an industry report Potential I&C improvements include advanced control algorithms such as automatic proportional-integralderivative (PID) tuning, model predictive control (MPC), additional traditional and novel instrumentation, and primary control element modifications. Benefits Using the results of this research, steam temperature control optimization could better reduce damage to equipment (valves and piping.) and help improve the reliability, costs, and environmental impact of power generation through: Performance and heat rate improvements and fuel cost reductions Reduced fuel consumption through improved thermodynamic efficiency Increased availability of power generation through reduced unplanned outages due to equipment failure Instrumentation, Controls, and Automation - Program 68 p. 8
9 Cyber Security Solutions for Instrumentation and Control Systems (071911) Background, Objectives, and New Learnings Information technology (IT) practices for personal and business networks require continual updates to mitigate threats from cyber attacks. Antivirus programs, firewalls, passwords, and encryption are familiar technologies protecting our personal and business networks. But even with all of these mitigation technologies, cyber attackers continue to find ways to penetrate computer systems. Such attacks pose significant risks when directed at power plant control systems, particularly those at generating units that are critical to production. IT security policies and practices are well-established, with professionals working to secure business networks while constantly increasing workplace productivity. Although industrial control systems (ICS) share much of the same type of computing technologies as business networks, security policies and practices must consider a different type of productivity requirement safety and efficiency of process control. Control engineers are required to maintain, upgrade, and secure control systems while also optimizing their end use by plant operators. Cyber security standards have been produced as a result of continual threats to business and process control networks. Many standards have been drafted, undergone revision, and are being enforced for compliance. In recent years, electric utilities have established cyber security programs to ensure compliance with critical infrastructure protection (CIP) standards requirements of the North American Electric Reliability Corporation (NERC) and related requirements in the international community. Compliance with these standards is not easy, and requires IT staff and control engineers to work together to implement and maintain a cyber security program for control systems. As part of establishing and maintaining a cyber security program, a variety of security strategies and technologies are needed to mitigate risk and react to new vulnerabilities while improving program efficiency. The objective of this project is to investigate and document solutions for control system security. This work will enable effective application and foster new technology developments. Project Approach and Summary This project will explore and document a variety of solutions for securing instrumentation and control systems. The focus will be on solutions implemented in the fossil power industry, and solutions from other industries also will be considered. For each solution topic, the project team will study how the technology works, implementation options and best practices, field installations, and capabilities/limitations. EPRI will work with participants to establish and prioritize solution topics to study, and will address the top three. A preliminary list includes: Data diodes Automated change management Remote access White listing of applications Wireless sensor network security Active control network scanning Hardening cyber assets Patch management Ports and service management Security status monitoring USB memory stick protection Use of active directory Virus/malware protection Instrumentation, Controls, and Automation - Program 68 p. 9
10 EPRI will research and summarize all existing industry documentation for the topics selected with a focus on implementation best practices, technology gaps, and new developments. Benefits Cyber security strategies and technologies will reduce vulnerabilities of power plant control systems to malicious attacks that could cause disruption to electricity generation and damage to equipment. Technology-assisted early detection and prevention of cyber attacks can ensure reliable, safe, environmentally sound, and economic operation of critical generating units. Participants in this project will gain new knowledge and receive practical implementation guidance for a variety of options for establishing required control system security. This guidance can improve participants abilities to address elements of cyber security standards through improved understanding of strategies and technology options. The project will include an assessment of actual field application of specific strategies for achieving control system security. Instrumentation, Controls, and Automation - Program 68 p. 10
Physical Security Reliability Standard Implementation
Physical Security Reliability Standard Implementation Attachment 4b Action Information Background On March 7, 2014, the Commission issued an order directing NERC to submit for approval, within 90 days,
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationContinuous protection to reduce risk and maintain production availability
Industry Services Continuous protection to reduce risk and maintain production availability Managed Security Service Answers for industry. Managing your industrial cyber security risk requires world-leading
More informationChapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS
Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS The Saskatchewan Power Corporation (SaskPower) is the principal supplier of power in Saskatchewan with its mission to deliver power
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationSE Engineering, PC strives to be a leader in the power system engineering field by providing our customers with the highest level of quality,
SE Engineering, PC strives to be a leader in the power system engineering field by providing our customers with the highest level of quality, integrity, and innovation. Our mission is to offer the safest,
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationYour experts for coal assets
Your experts for coal assets We are Uniper Your benefits We are a leading international energy company with operations in more than 40 countries and around 13,000 employees. We combine a balanced portfolio
More informationChapter X Security Performance Metrics
DRAFT February 19, 15 BES Security s Working Group Page 1 of 7 Chapter X Security Performance s 1 3 3 3 3 0 Background The State of Reliability 1 report noted that the NERC PAS was collaborating with the
More informationStandard CIP 007 4a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-4a 3. Purpose: Standard CIP-007-4 requires Responsible Entities to define methods, processes, and procedures for
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationCanada Life Cyber Security Statement 2018
Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 January 23, 2015
Federal Energy Regulatory Commission Order No. 791 January 23, 2015 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 3 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationInternet of Things. Internet of Everything. Presented By: Louis McNeil Tom Costin
Internet of Things Internet of Everything Presented By: Louis McNeil Tom Costin Agenda Session Topics What is the IoT (Internet of Things) Key characteristics & components of the IoT Top 10 IoT Risks OWASP
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More informationFuture Grid Initiative
Future Grid Initiative Enabling renewable energy resources Vijay Vittal Director, Power Systems Engineering Research Center Professor, Arizona State University Workshop objectives PSERC has embarked on
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationEnergy Solutions for Buildings
Energy Solutions for Buildings Making energy safe, reliable, efficient, productive and green Make the most of your energy SM 1 Solutions to enable and sustain energy savings Technology is crucial to make
More informationStandard CIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-4 3. Purpose: Standard CIP-007-4 requires Responsible Entities to define methods, processes, and procedures for securing
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationSummary of FERC Order No. 791
Summary of FERC Order No. 791 On November 22, 2013, the Federal Energy Regulatory Commission ( FERC or Commission ) issued Order No. 791 adopting a rule that approved Version 5 of the Critical Infrastructure
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationPurpose. ERO Enterprise-Endorsed Implementation Guidance
Lesson Learned CIP Version 5 Transition Program CIP-002-5.1 Requirement R1: Impact Rating of Generation Resource Shared BES Cyber Systems Version: January 29, 2015 Authorized by the Standards Committee
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationGuidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17
GUIDELINES ON SECURITY MEASURES FOR OPERATIONAL AND SECURITY RISKS UNDER EBA/GL/2017/17 12/01/2018 Guidelines on the security measures for operational and security risks of payment services under Directive
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationRSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief
RSA Solution Brief Managing Risk Within Advanced Security Operations RSA Solution Brief How do you advance your security operations function? Increasingly sophisticated security threats and the growing
More informationLesson Learned Initiatives to Address and Reduce Misoperations
Lesson Learned Initiatives to Address and Reduce Misoperations Primary Interest Groups Transmission Owners (TOs) Generator Owners (GOs) Problem Statement A registered entity experienced a high rate of
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationTable of Contents. Sample
TABLE OF CONTENTS... 1 CHAPTER 1 INTRODUCTION... 4 1.1 GOALS AND OBJECTIVES... 5 1.2 REQUIRED REVIEW... 5 1.3 APPLICABILITY... 5 1.4 ROLES AND RESPONSIBILITIES SENIOR MANAGEMENT AND BOARD OF DIRECTORS...
More informationEnsuring Your Plant is Secure Tim Johnson, Cyber Security Consultant
Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems
More informationplaybook OpShield for NERC CIP 5 sales PlAy
playbook OpShield for NERC CIP 5 sales PlAy OpShield for NERC CIP 5 The Problem U.S. bulk power entities are federally mandated to comply with NERC CIP requirements that dictate industrial security and
More informationCyber Security Requirements for Supply Chain. June 17, 2015
Cyber Security Requirements for Supply Chain June 17, 2015 Topics Cyber Threat Legislation and Regulation Nuts and Bolts of NEI 08-09 Nuclear Procurement EPRI Methodology for Procurement Something to think
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationEffective: 12/31/17 Last Revised: 8/28/17. Responsible University Administrator: Vice Chancellor for Information Services & CIO
Effective: 12/31/17 Last Revised: 8/28/17 Responsible University Administrator: Vice Chancellor for Information Services & CIO Responsible University Office: Information Technology Services Policy Contact:
More informationISO/IEC TR TECHNICAL REPORT
TECHNICAL REPORT ISO/IEC TR 27019 First edition 2013-07-15 Information technology Security techniques Information security management guidelines based on ISO/IEC 27002 for process control systems specific
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationIncident Response Services
Services Enhanced with Supervised Machine Learning and Human Intelligence Empowering clients to stay one step ahead of the adversary. Secureworks helps clients enable intelligent actions to outsmart and
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationIntroduction to Business continuity Planning
Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources
More informationPOSITION DESCRIPTION
Network Security Consultant POSITION DESCRIPTION Unit/Branch, Directorate: Location: Regulatory Unit Information Assurance and Cyber Security Directorate Auckland Salary range: I $90,366 - $135,548 Purpose
More informationWestern States Power Crisis EPRI White Paper - An Overview -
Western States Power Crisis EPRI White Paper - An Overview - Dejan J. Sobajic July, 2001 Western States Power Crisis.1 Origins of the White Paper The roots of the document go back to several discussions
More informationElectric Sector Security & Privacy Plans for 2011
Electric Sector Security & Privacy Plans for 2011 Galen Rasche Technical Executive Erfan Ibrahim Technical Executive Ad-Hoc Smart Grid Executive Committee 2011-Feb-10 Contents PDU Cyber Security R&D Portfolio
More informationOngoing EPRI Plant Modernization and Configuration Management Initiatives
Ongoing EPRI Plant Modernization and Configuration Management Initiatives Presented by Cristian Marciulescu Principal Technical Leader CMBG Conference Chattanooga, TN June 26, 2018 Summary Overall Plant
More informationNext Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration
Next Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration EPIC Workshop Fresno California November 09, 2018 Southern California Edison Background (Innovation
More informationInformation Infrastructure and Security. The value of smart manufacturing begins with a secure and reliable infrastructure
Information Infrastructure and Security The value of smart manufacturing begins with a secure and reliable infrastructure The Case for Connection To be competitive, you must be connected. That is why industrial
More informationThe Connected Water Plant. Immediate Value. Long-Term Flexibility.
The Connected Water Plant Immediate Value. Long-Term Flexibility. The Water Industry is Evolving Reliable, safe and affordable access to water is not solely on the minds of water and wastewater managers.
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationARC VIEW. Critical Industries Need Active Defense and Intelligence-driven Cybersecurity. Keywords. Summary. By Sid Snitkin
ARC VIEW DECEMBER 7, 2017 Critical Industries Need Active Defense and Intelligence-driven Cybersecurity By Sid Snitkin Keywords Industrial Cybersecurity, Risk Management, Threat Intelligence, Anomaly &
More informationLesson Learned CIP Version 5 Transition Program
Lesson Learned CIP Version 5 Transition Program CIP-002-5: BES Cyber Assets Version: December 7, 2015 This document is designed to convey lessons learned from NERC s various CIP version 5 transition activities.
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationREGULATORY COMPLIANCE REGULATORY COMPLIANCE SERVICES. Dynamic Solutions. Superior Results.
REGULATORY COMPLIANCE REGULATORY COMPLIANCE SERVICES Dynamic Solutions. Superior Results. PERSONALIZED HELP THAT RELIEVES THE BURDEN OF MANAGING COMPLIANCE The burden of managing risk and compliance is
More informationEXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.
EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT An Insight Cyber White Paper Copyright Insight Cyber 2018. All rights reserved. The Need for Expert Monitoring Digitization and external connectivity
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationDell helps you simplify IT
Dell helps you simplify IT Workshops the first step. Reduce desktop and data center complexity. Improve productivity. Innovate. Dell IT Consulting Services New Edition 2011 Introduction Are you spending
More informationCIP Cyber Security Configuration Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationDisclaimer Executive Summary Introduction Overall Application of Attachment Generation Transmission...
CIP-002-4 Cyber Security Critical Cyber Asset Identification Rationale and Implementation Reference Document September, 2010 Table of Contents TABLE OF CONTENts Disclaimer... 3 Executive Summary... 4 Introduction...
More informationInformation Security Controls Policy
Information Security Controls Policy Version 1 Version: 1 Dated: 21 May 2018 Document Owner: Head of IT Security and Compliance Document History and Reviews Version Date Revision Author Summary of Changes
More informationPlant Security Services Protecting productivity in the digital era October
Plant Security Services Protecting productivity in the digital era October2017 Restricted www.siemens.com/plant-security-services Internet of (hacked) Things Page 2 Use case - No OT cybersecurity company
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationCritical Infrastructure Protection Version 5
Critical Infrastructure Protection Version 5 Tobias Whitney, Senior CIP Manager, Grid Assurance, NERC Compliance Committee Open Meeting August 9, 2017 Agenda Critical Infrastructure Protection (CIP) Standards
More informationNEN The Education Network
NEN The Education Network School e-security Checklist This checklist sets out 20 e-security controls that, if implemented effectively, will help to ensure that school networks are kept secure and protected
More informationSite Data Protection (SDP) Program Update
Advanced Payments October 9, 2006 Site Data Protection (SDP) Program Update Agenda Security Landscape PCI Security Standards Council SDP Program October 9, 2006 SDP Program Update 2 Security Landscape
More informationScope Cyber Attack Task Force (CATF)
Scope Cyber Attack Task Force (CATF) PART A: Required for Committee Approval Purpose This document defines the scope, objectives, organization, deliverables, and overall approach for the Cyber Attack Task
More informationQuickBooks Online Security White Paper July 2017
QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a
More informationSOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)
SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP) Adaptive Cybersecurity at the Speed of Your Business Attackers Evolve. Risk is in Constant Fluctuation. Security is a Never-ending Cycle.
More informationCyber Security. June 2015
Cyber Security June 2015 Table of contents Section Pages Introduction and methodology 3 Key findings 4 Respondent profile 5-9 Cyber security practices 10-25 Resources for monitoring cyber security events
More informationReport on Current IAEA I&C Projects For Research Reactors May By Charles R Morris RR Section of NEFW
Report on Current IAEA I&C Projects For Research Reactors May 2013 By Charles R Morris RR Section of NEFW Personal History The IAEA Research Reactor Section IAEA has 6 main departments with a total of
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationOPUC Workshop March 13, 2015 Cyber Security Electric Utilities. Portland General Electric Co. Travis Anderson Scott Smith
OPUC Workshop March 13, 2015 Cyber Security Electric Utilities Portland General Electric Co. Travis Anderson Scott Smith 1 CIP Version 5 PGE Implementation Understanding the Regulations PGE Attended WECC
More informationFactsheet. Power Generation Service Energy efficiency in power generation and water
Factsheet Power Generation Service Energy efficiency in power generation and water Opportunity identification Opportunity identification overview The opportunity identification phase of Industrial Energy
More informationT22 - Industrial Control System Security
T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial
More informationTexas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13
Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 I. Vision A highly reliable and secure bulk power system in the Electric Reliability Council of Texas
More informationAppendix 3 Disaster Recovery Plan
Appendix 3 Disaster Recovery Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A3-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More informationObjectives of the Security Policy Project for the University of Cyprus
Objectives of the Security Policy Project for the University of Cyprus 1. Introduction 1.1. Objective The University of Cyprus intends to upgrade its Internet/Intranet security architecture. The University
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014
Federal Energy Regulatory Commission Order No. 791 June 2, 2014 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently proposed
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationGSEP Sectoral Working Groups (Power WG, Steel WG, Cement WG) Ministry Economy,Trade, and Industry
GSEP Sectoral Working Groups (Power WG, Steel WG, Cement WG) Ministry Economy,Trade, and Industry Japan Chair Co-Chair Transition from APP to IPEEC (Image) Asia Pacific Partnership on Clean Development
More informationManchester Metropolitan University Information Security Strategy
Manchester Metropolitan University Information Security Strategy 2017-2019 Document Information Document owner Tom Stoddart, Information Security Manager Version: 1.0 Release Date: 01/02/2017 Change History
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationStaffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today
Security Staffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today Staff Augmentation, Executive Staffing, Flex Staffing Achieving our main goal
More information