EPRO. Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS

Similar documents
The Electric Infrastructure Security (EIS) Council. Spring 2016

EARTH Ex 2017 Middle Planning Conference

Black Sky Emergency Communication & Coordination System

Black Sky Emergency Communication & Coordination System

National Infrastructure Resilience

National Level Exercise 2018 After-Action Findings

NGA Governor s Energy Advisors Energy Policy Institute Resiliency Panel

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013

The NIST Cybersecurity Framework

Long-Term Power Outage Response and Recovery Tabletop Exercise

Critical Infrastructure Resilience

Alternative Fuel Vehicles in State Energy Assurance Planning

EARTH Ex Exercise Webinar Multi-Sector Exercise Opportunity. July 19, pm ET

For providing decision support on climate stressors to infrastructure and assets for federal, state, local, and private clients...

Security and Privacy Governance Program Guidelines

Continuity of Business

Toward All-Hazards Security and Resilience for the Power Grid

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

The J100 RAMCAP Method

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

National Policy and Guiding Principles

Energy Assurance Plans

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

Department of Defense. Installation Energy Resilience

Presentation on the Community Resilience Program

Marine Transportation System Resilience: A Federal Agency Perspective

Table of Contents. Sample

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Resilience for Installations and Communities

A Whole of Community Framework for Catastrophic Preparedness, Planning & Response

JOINT UNITED STATES-CANADA ELECTRIC GRID SECURITY AND RESILIENCE STRATEGY

Business Continuity Management Standards A Side-by-Side Comparison

Cybersecurity for Health Care Providers

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.

BEFORE THE U.S. HOUSE OF REPRESENTATIVES COMMITTEE ON ENERGY AND COMMERCE SUBCOMMITTEE ON ENERGY

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

Applying Mitigation. to Build Resilient Communities

TEL2813/IS2820 Security Management

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

NATIONAL CAPITAL REGION HOMELAND SECURITY STRATEGIC PLAN SEPTEMBER 2010 WASHINGTON, DC

HOTEL RESILIENT Plan ahead stay ahead. With support from the German Government through

Business Continuity: How to Keep City Departments in Business after a Disaster

Emergency Management Response and Recovery. Mark Merritt, President September 2011

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Symantec Business Continuity Solutions for Operational Risk Management

Overview of the Federal Interagency Operational Plans

Building A Disaster Resilient Quebec

Member of the County or municipal emergency management organization

Don t Fail to Prepare for Failure Key Issues in Energy Assurance and Cybersecurity and Related NGA Center Activities

Improving Electric Grid Reliability and Resilience. Lessons Learned from Superstorm Sandy and Other Extreme Events

Why you should adopt the NIST Cybersecurity Framework

National Preparedness System. Update for EMForum June 11, 2014

Communications and Electric Power Sectors:

STATEMENT OF DR. CHRIS BECK CHIEF SCIENTIST AND VICE PRESIDENT FOR POLICY ELECTRIC INFRASTRUCTURE SECURITY COUNCIL

Building UAE s cyber security resilience through effective use of technology, processes and the local people.

ASSURING BUSINESS CONTINUITY THROUGH CONTROLLED DATA CENTER

Real-Time Health Monitoring of Civil Works to Enhance Emergency Action

Global Statement of Business Continuity

DOE s Roles and Responsibilities for Energy Sector Cybersecurity

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

MassMutual Business Continuity Disclosure Statement

Implementing Executive Order and Presidential Policy Directive 21

Global Security Operation Center GSOC

Appendix M. Lifeline Sector Coordination

Florida State University

Industry role moving forward

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

Business Services Resilience and Restoration. Financial Services Sector Preparation for an Extreme Event

Mississippi Emergency Support Function #12 Energy Annex

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Business Continuity Planning

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Updates to the NIST Cybersecurity Framework

NATIONAL ELECTRIC GRID SECURITY AND RESILIENCE ACTION PLAN

RESILIENCE AND CRITICAL INFRASTRUCTURE

STRATEGIC PLAN. USF Emergency Management

CIPMA CRITICAL INFRASTRUCTURE PROTECTION MODELLING & ANALYSIS. Overview of CIP in Australia

Response to Wood Buffalo Wildfire KPMG Report. Alberta Municipal Affairs

AGENCY: National Weather Service, National Oceanic and Atmospheric Administration, U.S.

The UNISDR Private Sector Alliance for Disaster Resilient Societies

RESILIENT AMERICA ROUNDTABLE: PARTNERING WITH COMMUNITIES TO BUILD RESILIENCE

Chapter 1. Chapter 2. Chapter 3

Security Management Models And Practices Feb 5, 2008

INTRODUCING RESILIENT LOS ANGELES

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Kansas City s Metropolitan Emergency Information System (MEIS)

Electric Power Industry s Approach to Grid Security

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

Power Grid Resilience, Reliability and Security Research at Idaho National Laboratory

The Office of Infrastructure Protection

Cybersecurity. Securely enabling transformation and change

Developing a Holistic Strategy To Achieve Community Health Resilience

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

IDD HP Resilience Program

Defining the Challenges and Solutions. Resiliency Model. A Holistic Approach to Risk Management. Discussion Outline

Modernizing the Grid for a Low-Carbon Future. Dr. Bryan Hannegan Associate Laboratory Director

Business Continuity Management Program Overview

Transcription:

EPRO Electric Infrastructure Protection Initiative EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS

EPRO BLACK SKY SYSTEMS ENGINEERING PROCESS The Role of Systems Engineering in Addressing Black Sky Hazards Building the capabilities needed to address subcontinent-scale, Black Sky power outages will be complex, and one of the primary challenges is preparing the energy, water and other lifeline infrastructure sectors to provide basic functionality during restoration. Though there are many interdependencies among these sectors, each generally acts independently, pursuing proprietary goals according to its own logic. Coordination, a key function of systems engineering, is often aligned within a sector and not across sectors. The same methodical system engineering process that was often used to develop and evolve these sectors will be a vital tool to understand their interdependencies, and to host planning to ensure their continuity under extreme conditions. Developed over many decades, it has become the gold-standard for planning, designing, building and maintaining leading-edge technology and large, complex projects. Most major U.S. industries, including manufacturing, communications, defense, space payloads, environmental protection and even modern financial systems, depend heavily on systems engineering methodology. SYSTEMS ENGINEERING: A METHODICAL, DISCIPLINED APPROACH FOR DEVELOPMENT OF COMPLEX SYSTEMS WHOSE SUCCESSFUL IMPLEMENTATION DEPENDS ON INTERACTIONS AMONG MANY INTERDEPENDENT ELEMENTS.

Lifeline infrastructures and market forces have become the DNA of the modern world.

Background Societal Risk of Black Sky Hazards Our expanding technology has brought us powerful new lifeline infrastructures that sustain our world. In parallel, new market structures have evolved that supply and manage these infrastructures. These two robust, dynamic and interdependent systems essential infrastructures and the market forces that manage them have become the DNA of the modern world. In recent years, concerns have grown over emerging Black Sky hazards that could shatter this societal DNA. These include malicious threats -- EMP, cyber and coordinated physical attack on key power grid nodes potentially in combination with extreme natural hazards: unusually violent terrestrial weather, severe solar storms and regional earthquakes. Such hazards could cause power grid damage on an unprecedented scale, resulting in long duration, multi-fema region power outages. As awareness of the risks associated with this new class of extreme, emerging hazards increases, building plans to manage them has become an urgent priority for societal health and national continuity. Our challenge, today, is to build the essential planning needed to ensure our lifeline infrastructures will endure, with an adequate emergency process to supply them, for the weeks, or longer, required to recover from such hazards. 5

6

The Challenge: Complexity and Interdependency of Our Lifeline Infrastructures In preparing for scenarios when normal communications, supply and management processes break down, building effective plans to sustain today s vastly complex, highly interdependent infrastructures represents a significant challenge even for mature system engineering methodology. There are more than 6000 electric utilities in the United States, more than 100 very large water utilities (out of a total of over 160,000 independent water and wastewater systems) hundreds of oil and natural gas (ONG) companies and tens of thousands of critical suppliers and related stakeholders. Each sector alone is a complex system; adding cross-sector interdependencies greatly increases complexity. When operation of any significant portion of these infrastructure service providers breaks down for a significant period, the normal market processes that keep supplies moving and keep the entire, multi-layer network operating will also break down. 7

A National Recovery Coordination Framework, emerging from existing state and federal emergency management agencies and other organizations, will be a vital need to plan and implement the complex coordination tasks associated with Black Sky Hazards. The Opportunity: The Black Sky Systems 1 Engineering Process Emergency management agencies are active today in every State, with the Federal Emergency Management Agency (FEMA) supporting them at the federal level. These agencies, along with private sector mass-care NGOs like the American Red Cross and the Salvation Army, have well-developed, mature capabilities to deal with a wide range of conventional-scale emergencies. For Black Sky hazards, these existing emergency management structures provide an excellent foundation on which to build the new capabilities needed. But given the remarkable scale and multi-region impact of such hazards, new and greatly expanded roles, planning and systems management capabilities will be essential for these organizations. 1 In fact this process, as applied to multiple sectors, is more properly referred to as System of Systems Engineering (SoSE). For simplicity, we use here the more concise terminology. 8

1. Developing a Black Sky-Compatible National Recovery Coordination (NRC) Framework Simultaneous management of the rapidly changing, real time support needs of many thousands of lifeline utilities and critical installations will require a new dimension of engagement by emergency managers and partner organizations. Without the DNA that maintains social functionality under normal conditions, saving and sustaining lives and managing the complexity of recovery from a multi-region, long duration outage will require development and training of dedicated teams for coordination, making effective use of focused systems engineering planning and tools. Development of such teams in fact, development of an effective National Recovery Coordination Framework for Black Sky hazards will require coordinated engagement from state and federal emergency management agencies, National Guard and other government organizations, partnering with America s wide, volunteer-based mass care NGO sector. 2. Developing Systems Engineering Planning and Tools for Black Sky Recovery a. National Recovery Coordination System 2 One of the most basic tools needed by expanded, dedicated Black Sky emergency National Recovery Coordination teams will be a software-based system, designed to function in severely disrupted Black Sky environments, which can help replace the normal societal DNA, and manage the extraordinary complexity of the recovery process. A Black Sky-tailored, software-based National Recovery Coordination System (NRCS) would be an evolving, critical system engineering tool, providing NRC Framework managers with essential elements of situational awareness, and decision support guidance. As this tool evolves, with embedded operational architecture that maps both the nation s emergency response capabilities and the supply needs for lifeline utilities, it will provide an increasingly accurate assessment of changing, interdependent requirements across different infrastructure sectors, down to the level of individual, local utilities. 2 For more detailed information on the National Recovery Coordination System Architecture Study, write to info@ eiscouncil.org 9

Functioning as a continuously developing system engineering model of Black Sky emergency support needs and capabilities, an NRCS system will be essential to enable managers to quickly assess and respond to needs, while understanding the consequences of different tradeoff decisions. In the highly disrupted environments associated with these extreme scenarios, this tool will be central to ensuring timely, well-prioritized decisions that respond to rapidly fluctuating situational awareness elements across the many affected regions anticipated for these severe hazards. A Black Sky-compatible, software-based National Recovery Coordination System can act as a system model for emergency recovery needs and assets, nationwide, as a vital aid for National Recovery Coordination Framework teams b. Emergency Communication System (ECOM) 3 An Emergency Communication (ECOM) System will be one of the most critical tools needed by emergency managers, utility operators, mass-care NGO personnel and other key stakeholders. Embedded in the NRCS architecture and designed to support it, ECOM would be widely distributed across all relevant infrastructure and emergency management sectors, nationwide, and a primary tool of National Recovery Coordination Framework teams. Required to operate in disrupted Black Sky scenarios without outside power for at least weeks of operation, ECOM system developers will need to assess critical voice and data transmission requirements to match the system s capabilities to the minimum communication needs of the energy and water sectors, other critical lifeline infrastructure sectors and their government and NGO partners. 3 To review a suggested ECOM architecture, visit http://www.eiscouncil.org/library, or write to info@eiscouncil.org 10

c. National Emergency Power Council (NEPC) 4 In Black Sky Hazard scenarios, three interrelated capabilities -- an adequate national inventory of emergency generators, plans for emergency fuel distribution, and associated technical support -- will be urgently needed to sustain and restore service from critical lifeline utilities. These capabilities will also be essential for support services from NGOs and other critical institutions. In reality, NEPC represents a conceptual placeholder for development of a focused, coordinated emergency power support process, as a primary effort of National Recovery Coordination Framework teams, with likely participation of multiple agencies, in all levels of government. d. National Emergency Utility Consumables Council (NEUCC) 5 Another, widely needed requirement of Black Sky-class, long duration outages will be development of a process to ensure continued availability and distribution of critical consumables. In Black Sky environments, water and wastewater utilities, natural gas producers and other essential service providers can only sustain critical, minimal service if they can be assured of carefully defined, periodic delivery of essential consumables. Characterized here as the National Emergency Utility Consumables Council (NEUCC), this effort would be a parallel initiative to NEPC, and would also likely be developed and managed by National Recovery Coordination Framework teams. An industrial-scale emergency power generator. The U.S. government s inventory of backup generators is currently sized for conventional disasters and larger events on the scale of Superstorm Sandy, not for Black Sky-level scenarios. 4 5 The National Emergency Power Council Initiative is a planning effort, cohosted and coordinated by EIS Council, State and Federal Emergency Management Agencies and other government and utility organizations, focused on developing a national-scale capability to address this critical need for Black Sky scenarios. For more information, write to info@eiscouncil.org The National Emergency Utility Consumables Council Initiative is a special project of EIS Council, designed to host planning with relevant government agencies, utility sectors and chemical manufacturing and distribution companies to develop this capability nationwide. For more information, write to info@eiscouncil.org 11

The Foundation: The EPRO Sector Black Sky Playbook Process The systems engineering management framework, planning and tools described above will be essential to comprehensive implementation of a Black Sky recovery capability for the nation. And well before implementation, as a first step, recommendations for the basic architectures of these capabilities, now under development, will be essential to guide overall recovery planning for this uniquely challenging hazard class. 6 Nevertheless, to be effective, these capabilities must be anchored and founded in the fundamental systems engineering requirements developed by each lifeline infrastructure sector. 6 Examples of recommended architectures for the capabilities represented by the NRC Framework, NRCS and ECOM are under development by different public and private stakeholders. For current information, please write to info@ eiscouncil.org 12

Applying the Systems Engineering Process to Lifeline Infrastructure Sectors In guiding development of complex projects or capabilities, systems engineering plans are typically developed as a step by step process. Step One: Defining Top Level Goals The first step is always an assessment of the top level goals for the system. Often referred to as Mission Requirements, they represent the objectives that all subsystems / sectors must work toward, if the overall system is to be successful. For Black Sky resilience and recovery, these goals represent the key overall societal needs to ensure effective societal continuity and recovery. These goals, in turn, imply more specific objectives that are applicable to each sector. Step Two: Defining Services or Performance Levels for Subsystems / Sectors For each subsystem or sector, the system s top level goals imply subsidiary services or performance goals which, when combined with those of other sectors, result in meeting the goals of the overall system. For Black Sky resilience and recovery, these represent the Black Sky service levels or restoration priorities that each sector will need to meet, to perform that sector s critical role in supporting societal continuity and recovery. Step Three: Defining Internal Requirements for Each Sector The third step in this process is typically to convert these subsystem / sector goals or service levels to internal requirements, derived by examining a sector to determine which specific requirements, if diligently met, would best enable that sector to meet its goals. For Black Sky resilience and recovery, these internal requirements represent the measures a sector must take to meet its unique responsibilities or service levels to ensure the key needs for societal continuity and recovery will be met. Step Four: Defining Each Sector s External Requirements The final step (before moving on to implementation) is definition of interface requirements or external requirements: those basic needs of the sector which it cannot provide for itself, and which must be provided by other sectors, if it is to achieve its own, internal requirements. For Black Sky resilience and recovery, these represent the services, assets or policy decisions a particular sector will need its partners to provide, to make that sector s Black Sky efforts possible and successful. 13

The EPRO Sector Black Sky Playbook Process This system engineering process, applied to the nation s lifeline infrastructures and its government and NGO partners, represents the foundation for the full set of comprehensive planning and implementation efforts needed to prepare for effective recovery from Black Sky hazards. To adapt this process for sector-specific Black Sky planning, the EPRO Executive Steering Committee and Sector Steering Committees are hosting development of Black Sky Playbooks 7 for key sectors. Growing from ongoing analysis and years of discussions among utility professionals, these Playbooks function as evolving, sector systems engineering plans, providing guidelines that individual utilities may then use to frame decisions on their own resilience investments and operational planning, in coordination with regulatory bodies and other stakeholders. EPRO Black Sky Playbook Structure Role and Development Process Designed to provide guidelines for a sector to help manage risks of long duration, multiregion power outages associated with emerging Black Sky hazards, sector playbooks are developed and periodically reviewed and reissued by consultation among senior managers and operational personnel in the sector. They are designed to provide evolving frameworks to help individual utilities strengthen their resilience measures, develop focused operational plans and assess external support needed to address Black Sky hazards. 7 Note: Some sectors refer to these documents as Protocols. 14

Top Level Goals In the severely disrupted, multi-region, long duration power outages associated with Black Sky scenarios, the most critical goals for societal health and continuity will be to enable systematic, timely and well-prioritized power grid restoration, while simultaneously enabling the largest possible numbers of people to shelter in place during that multiweek or longer restoration. These goals have different mission implications for each sector. For the water sector, for example, they imply maintenance of at least minimal water and wastewater service for the largest possible number of residents and critical facilities in an affected region, for the full duration of the power outage. For the electric subsector, they imply enhancing Black Start assets, the power grid s restart switch, and ensuring availability of adequate regionally staged spares and trained restoration teams to make possible timely power grid recovery following extreme, Black Sky events. Sector Black Sky Services or Performance Levels Black Sky services or performance levels will, of course, vary from sector to sector. In every case, however, they represent those capabilities the sector will need to provide, designed to adequately support the sector s top level goals. Thus for the water sector, for example, Black Sky service levels represent a range of water and wastewater pressure and treatment quality levels that individual utilities could choose from, focused to allow residents of large cities, at a minimum, to shelter in place in their communities. For the Energy Sector, Black Sky performance level implies development of Black Sky restoration priorities that support timely power restoration without sacrificing sustaining or early restoration of service to water and wastewater utilities and other critical facilities. Sector Black Sky Internal Requirements For each sector, and ultimately for different utilities or organizations within that sector, implementing a unique set of requirements will be key to making it possible for that sector s utilities or organizations to meet the sector s service levels and top level goals. These requirements, applicable internally to the sector itself, may be derived by examining those aspects of the sector likely to be affected either directly or indirectly by the impacts of Black Sky hazards, with the internal requirements representing measures that if implemented would protect key aspects of the sector s performance against those direct or indirect impacts. 15

Sector Black Sky External Requirements All lifeline infrastructure sectors share interdependencies with other sectors. For example, in developing and implementing new resilience measures, utilities will often need policy changes or approval from different regulatory bodies. During the recovery period, the electric subsector cannot make electricity without adequate fuel from the Oil and Natural Gas (ONG) subsector. The ONG subsector cannot deliver natural gas through pipelines to the electric subsector without electricity to power its pumps. All sectors will also share common support needs during recovery, unique to Black Sky hazards, including emergency communications and periodic replacement of emergency fuel and critical consumables. Each sector, in preparing a listing of its external requirements, will examine the full set of critical services, assets and policy adaptations they will need from their partners to supplement and complete their own investments and planning, and successfully support top level recovery goals. Summary Emerging Black Sky hazards, and the long duration, multi-fema region power outages they could cause, represent one of the most serious planning and coordination challenges of modern times. Systems Engineering methodologies, already in use to develop the world s most complex systems, processes and products, are ideally suited for these challenges. Building on new initiatives and progress already underway, the EPRO Executive Steering Committee and Sector Steering Committees are hosting development of sector-specific Black Sky Playbooks, rooted in this systems engineering process. With the active participation of key managers and leaders across the full spectrum of lifeline utilities and their partners, this process provides a solid foundation for progress in addressing these unprecedented challenges. 16

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback