IIIA Technical Paper 04-01

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "IIIA Technical Paper 04-01"

Transcription

1 Network Security Risk Assessment Modeling (NSRAM) Application to Municipal Electric Power Grid IIIA Technical Paper May 2004 IIIA Institute for Infrastructure & Information Assurance James Madison University Harrisonburg, VA (540) ; Fax (540)

2 Network Security Risk Assessment Modeling (NSRAM) Application to Municipal Electric Power Grid J. McManus, MBA, G. Baker, Ph.D., S. Redwine, M.S., P. Riley, M.S. College of Integrated Science and Technology, James Madison University, Harrisonburg, Virginia, U.S.A. George Baker is a member of the faculty at James Madison University and is involved in consulting with industry and government in the areas of critical infrastructure assurance, high power electromagnetics, nuclear and directed energy effects, and ground sensors. He is the former director ( ) of the Defense Threat Reduction Agency s Springfield Research Facility involved in assessing, protecting and targeting critical underground, infrastructure and mobile systems. Much of his career was spent at the Defense Nuclear Agency directing RDT&E related to hardening systems to nuclear effects. He is presently a staff member of the Congressional EMP Commission and serves on the National committee of the American Electromagnetic (AMEREM) conference. He is past chairman of the Nonproliferation and Arms Control Technology Working Group (NPAC) focus group on buried facilities, the Underground Site Infrastructure Applications Working Group, and the international Technical Cooperation Program EMP Group. He is a member of IEEE and an EMP Fellow. He holds a Ph.D. from the U.S. Air Force Institute of Technology. Samuel T. Redwine, Jr. is a long-time figure in software engineering. He is past editor of the IEEE computer Society Software Engineering Technical Council Newsletter. He has received several major awards and has authored over 50 publications. His interests include software engineering, quality (particularly correctness), technology, and management; organizational improvement; R&D management; technology transfer; and computer security. Mr. Redwine has worked in industry and consulting for more than 25 years including time at Mitre, Institute for Defense Analyses, and the Software Productivity Consortium. He is an Associate Professor of Computer Science at James Madison University. Previously he was an Adjunct Professor at George Mason University and Virginia Tech. He has a B.S. and M.S. degrees from M.I.T. and is a member of IEEE, ACM, and the American Society for Quality (ASQ). James McManus is the Risk Assessment Modeler for the Critical Infrastructure Protection Project. His background includes over seventeen years of experience in the aerospace industry as design engineer and manager, risk assessment, and requirements management roles. He was also a director at a small research and development company where he oversaw research projects and overall operations of his office. Mr. McManus has a Bachelors in Aerospace Engineering from Georgia Tech, and an MBA from Kennesaw State University. Phil Riley is a Programmer/Analyst for the Critical Infrastructure Protection Project. His main interests are in Java development and mathematical computing. His degrees include AB, Math, University of Chicago; MA, Math, Duke University; and MS, Computer Science, James Madison University.

3 ABSTRACT Under the Critical Infrastructure Protection (CIP) program, The James Madison University (JMU) CIPP research team is developing Network Security Risk Assessment Modeling (NSRAM) tools that will enable the assessment of both cyber and physical infrastructure security risks. The effort is driven by the need to predict and compute the probability of adverse effects stemming from system attacks and malfunctions, to understand their consequences, and to improve existing systems to minimize these consequences. The tools are targeted at systems supporting critical infrastructures varying from individual systems to organization-wide systems, as well as systems covering entire geographical regions. Early work emphasizes computing systems, but systems sharing the network nature of computing systems, such as electrical and water supply systems are potential targets. Our development strategy emphasizes interaction with infrastructure service providers early-on to ensure that the final product is useful and user-friendly. The tools are being developed as part of a larger infrastructure assessment methodology development effort. As one of our first cooperative real-world case studies, we have used a developmental version of our network flow simulation tool to model Valleyville s" municipal electric power grid. We discuss the tool design, system characterization and modeling, and lessons learned from this case-study INTRODUCTION In 2003, the Department of Homeland Security issued national strategy documents for the protection of physical and cyber infrastructures that call for vulnerability assessments of critical infrastructure systems. 1,2 Modeling tools for simulation of network security and risk assessment will be an important part of such assessments. Critical infrastructure systems and facilities are subject to many different failure modes. It is important to anticipate the possible modes, the likelihood of their occurrence, and the relative seriousness of their consequences. Failures may be due to many causes, intentional and nonintentional, including cyber attacks, accidents, aging or sabotage from insiders or external malefactors. Failures can propagate such that seemingly minor problems may lead to complete functional failures. Some serious failure modes may be counter-intuitive. Of particular concern is the presence of single point failure locations known to exist in many existing critical facilities. Assessments provide an important basis for determining the most serious failure modes, implementing cost-effective countermeasures, and planning for reconstitution. To facilitate balanced assessments of both physical and cyber security problems, we are pursuing tools which extend probabilistic risk assessment into the time domain. 1 The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets, U.S. Dept of Homeland Security, February The National Strategy to Secure Cyberspace, U.S. Dept of Homeland Security, February 2003

4 NSRAM TOOL The NSRAM tool is a complex network system simulation modeling tool that is currently in development at JMU as part of the CIPP effort. The NSRAM tool concept emphasizes the analysis of large interconnected multi-infrastructure models. JMU is also developing the concept of sophisticated repair element sets that interact via pre-defined algorithms to more accurately simulation repair personnel reaction to system insults or malfunctions. These repair element sets are unique in that they interact with the simulation network model in a pre-determined manner, but their operating rules can be changed to allow the user to optimize repair strategies. The NSRAM tool design includes a graphical user interface for developing models, developing scenarios, and interpreting output. The tool is designed to be portable, and uses portable and expandable database and model structures. The tool also provides a framework to simulate large networks and analyze their behavior under conditions where the network suffers failures or structural breakdowns. In order to accurately portray the severity of network failures, repair variables (time to repair, cost to repair, repair priorities) must be taken into account. The NSRAM tool provides a repair element set that allows the user to develop an accurate repair capability that can model the effects of repair personnel or part scarcity, communication requirements, and uncertainty. The repair element set is a specialized network made of elements and flows (the same as all NSRAM networks) that interact with the modeled network via predefined repair action rules. An initial set of repair elements was used in the Valleyville case study described below. The repair element set is a unique capability of the NSRAM tool. This capability will allow the user to accurately simulate any configuration of fault detection and repair schemes. The repair element set consists of repair entities with specialized functions. These specialized elements can be combined and customized by the user as desired to provide accurate and realistic repair and maintenance functionality to the network model. All repair element set actions will simulate the actions of agents in real time. Therefore, time to travel, cost, etc. will be variables that can be tracked. The repair element set will also collect statistical data of failure frequency, mean time to repair (MTTR) and other variables as required to determine repair effectiveness. The intent of these repair element sets is to more accurately model the human response to perceived system damage. The repair element sets identify symptoms, test the system to determine the elements that are damaged, attempt to repair the damage, and then attempt system recovery. If symptoms are still present, the repair elements repeat the above cycle until the system is recovered. Inspection routines will also be accommodated so that preventative maintenance effects are accurately incorporated. The repair element set design is a large task, and JMU is currently at the beginning of this effort. In order to incorporate the repair sets into the model as quickly as possible, they are being designed with extensibility in mind. That way, as the repair sets are developed, they can be easily modified and capabilities added to enhance fidelity and/or flexibility. We will initially incorporate relatively simple repair capabilities and add capabilities to accommodate client needs.

5 VALLEYVILLE MUNICIPAL ELECTRIC POWER GRID CASE-STUDY An important part of the NSRAM development strategy is early interaction with clients to ensure that the model is responsive to real-world needs in terms of input problems and output information. The client interaction is doubly important, because the tool is being developed as part of a larger vulnerability assessment methodology to treat realistic infrastructure problems. As one of our first clients, we have been able to work with a local municipal public works department to do an initial case study on their electric power distribution system. We used the codename Valleyville for this project to provide security for our client. The Valleyville case study project involved a broad set of objectives culminating in modeling the system using NSRAM. We organized an assessment team including faculty experts on electric power, risk assessment and modeling and simulation. A field team, including students, was deployed to survey and map the electric power system. All major power transformers and electrical distribution lines were mapped. This map provided the information required to develop both a physical and a logical (power flow) map of the town s power grid. The team also reviewed system engineering documents to gather information on network operating parameters and component design. In consultation with the public works department, we identified the critical system elements including grid components and locations of critical infrastructure facilities supplied by the grid. Critical facilities included water supply, waste treatment, government, police, fire and rescue services. Facilities having backup generators were noted. Repair resources and their capabilities were identified. We developed a comprehensive list of threats and hazards that might affect the system and discussed these with the public works department to determine those of highest concern.. MODELING VALLEYVILLE Once information gathering and physical mapping was complete we developed a one-line diagram of the system and selected a network subset for our initial NSRAM modeling. The modeling investigated the effect of various outage scenarios on the municipality. While the town and electrical power grid model are modest in size the task enabled us to exercise the graphical user interface model design scheme, build a realistic model, and provide feedback to the software developers to help design algorithms that make model creation intuitive. The Valleyville power grid is composed of three separate AC electrical circuits, each separated by 120 degrees of phase separation. These phases are noted as Phase A, B, and C. Power is purchased from a regional distributor and enters the municipal grid at 19.9 KV. This voltage level is stepped down at the main substation from 19.9 KV to 4.2 KV (phase to ground.) The 4.2 KV voltage is stepped down to the familiar household 120/240 V via distribution transformers. Distribution transformers generally provide power for three to ten homes. Businesses generally have a dedicated distribution transformer, and in several cases used power from different phase circuits simultaneously. The municipal grid has no active monitoring, and relies on inspections and trouble calls from customers to alert Valleyville Power Company to problems. The NSRAM tool used the Valleyville power flow map to develop an electrical grid functional model. While the three single phase circuits are physically very close (the three distribution lines generally are attached to the same power distribution poles) from a power distribution point of

6 view they are completely isolated. The three phases of electrical power were modeled as three separate models, however the naming convention used allowed us to investigate a situation where insults occur that could physically affect all three power phases simultaneously (for example, if a power distribution pole is knocked down.) Due to the relatively small size of the power grid, we were able to easily model the system at a detailed level. However, as in all modeling exercises, some abstractions were made. For this model, the power loads were simplified. Each power load element represents three to seven residential consumers power consumption needs or a commercial load. These loads are variable and are a function of time of year, time of day, temperature and a number of other variables; however in the first generation of this model the loads are considered to be constant. This simplification is acceptable because our original outage scenario focuses on power outages caused by large external events, such as lightning strikes, rather than power outages caused by customers overloading the system. The development approach for the NSRAM tool is to simultaneously develop the software while using early versions to solve client problems. Through exercising the tool via real world applications, we are attempting to modify our requirements while still in the design stages to enable the team to develop a more useable tool in the end. RESULTS Phase A of the Valleyville power grid was initially modeled as a capability demonstration. The model consisted of approximately 60 elements and 74 connections between those elements. Valleyville power usage was abstracted as total power demand at the final distribution transformer, that is, customer houses were lumped together as a distribution transformer load. Figure 1 is a screenshot from the demonstration showing the logical network of the power grid. Figure 2 shows details from the model. This figure shows individual elements (different icons for each type of element modeled), input and output ports (dots around the elements) and connections (lines.)

7 Figure 1 NSRAM Demonstration Model Figure 2 Model Details

8 The model was subjected to a major outage condition simulating a municipal grid line failing. This failure caused the household loads to exceed the power available at the distribution transformer, which caused the loads to shut down. The loads (households or commercial) wait a random amount of time before phoning the power company to notify it of a failure condition. The repair element set for this case study was an initial set designed specifically for Valleyville that consists of two repair agents and the main power company. When the power company is notified that a failure occurred, it radios one of the repair agents and sends it to the notification location. The repair agent has a delay built into the programming to simulate the need to drive to the location. When the agent reaches the location, it tests the element to determine if the element has failed. If so, the agent repairs it. If the element is operational, the repair agent travels to the first element between the previously checked one and the main power station. It repeats that cycle, working its way towards the main power station until it finds a failed element, which it repairs. Then it notifies the main power company that it has finished its work and returns to base. This behavior accurately simulates the methods used in Valleyville. When a customer calls in the repair truck is dispatched to that location. The power lines are traced back towards the main substation until the problem is found and repaired. The demonstration run consisted of one of the municipal grid lines failing. This lead to a large number of customers losing power, which provided a large set of starting points for the repair agents to begin their diagnoses. As this line is fairly well upstream the repair agents would on average check several elements prior to discovering the major power line failure. This study simulates a large lightning strike, the intentional destruction of a power line or a similar event. Below is an example of a resultant output graph from the case study where operational impact occurred. The output shows the percentage chance that power is available at that element. Initially, the power grid is allowed to come to equilibrium and operate for a short period of time. The sudden decrease indicates the failure event. Then, depending on where the repair agent initially starts its search, the percentage chance that power is available begins to climb back towards nominal. The three lines on the graph indicate the mean values and one standard deviation above and below that value.

9 Figure 3 Typical NSRAM Output Graph LESSONS LEARNED FROM CASE STUDY The strategy of using a modeling tool that is in development to assist in a client analysis has been both fruitful and frustrating. It was sometimes frustrating to the modeler that the NSRAM tool is still in development and many of its features are more difficult to access than would be expected in a mature tool. This caused the development of the electrical grid models to be delayed somewhat and incurred extra time in building those models. In addition, the development team was busy testing the next revision of the software during the time the models were developed. Although the development team was quite helpful, it was unrealistic to expect them to have the time to solve all discovered problems in time to help with the initial phase of model building. However, this exercise provided helpful feedback on several features of the software that are either in development or are planned to be developed in the next release. The team feels that this feedback helped to focus the development team planning for the next internal release task. It also provided the modeler with a better understanding of the developers targeted usage of the tool and the developers with a better understanding of how the tool will ultimately be used. CONCLUSION We are developing risk analysis modeling tools that address physical and cyber infrastructures. The tools extend probabilistic risk assessment into the time domain and include a time domain fault tree technique and a network flow simulation based techniques. The fault tree technique provides a simple, top level calculation of overall system mission functionality vs. time. The network flow based technique provides detailed system service performance, security and risk metrics vs. time. For critical infrastructure networks the JMU models and tools will provide insights into failure and degradation including possibilities, probabilities, modes, cascading effects, and durations. They should provide useful insights into probable failure points and most cost effective protection and/or upgrade approaches. Results will be useful for estimating the cost of service degradation or outage.

10 The tools are still in the developmental stage. The initial products will be somewhat technical in nature, designed for the use of JMU consultant level experts, with current development work concentrating on modeling repair, computer security phenomena, user interface refinements to increase accessibility and capabilities needed to model client infrastructure networks. Successful application of these tools requires that they be used as part of a well defined risk assessment methodology and that system subject matter experts be involved in defining input parameters to ensure reliable results. May, 2004 Institute for Infrastructure & Information Assurance

I n s t i t u t e f o r I n f r a s t r u c t u r e a n d I n f o r m a t i o n A s s u r a n c e

I n s t i t u t e f o r I n f r a s t r u c t u r e a n d I n f o r m a t i o n A s s u r a n c e A Vulnerability Assessment Methodology for Critical Infrastructure Facilities 1 George H Baker III, PhD James Madison University Harrisonburg, VA 22807 bakergh@jmuedu ABSTRACT Highly efficient, complex,

More information

Using Application Response to Monitor Microsoft Outlook

Using Application Response to Monitor Microsoft Outlook Focus on Value Using Application Response to Monitor Microsoft Outlook Microsoft Outlook is one of the primary e-mail applications used today. If your business depends on reliable and prompt e-mail service,

More information

The calm after the storm

The calm after the storm The calm after the storm Human decision support in storm outage recovery Rafael Ochoa, Amitava Sen It s a fact of life that interruptions in an electrical distribution utility happen. Although they can

More information

Storm Ready: How to Prepare Your Business

Storm Ready: How to Prepare Your Business Storm Ready: How to Prepare Your Business Emergency Planning and Storm Preparedness Louis DeBrino, Manager, Emergency Preparedness 1 PSEG Long Island: Who We Are and the Promises We ve Made 2 PSEG Vision,

More information

Monitoring Web Applications with Application Response

Monitoring Web Applications with Application Response Monitoring Web Applications with Application Response For time-critical Web-based applications, even a short-term performance problem can cause lost revenue when customers cannot place orders or they become

More information

Nuclear Power Plant Electrical Power Supply System Requirements

Nuclear Power Plant Electrical Power Supply System Requirements 1 Nuclear Power Plant Electrical Power Supply System Requirements Željko Jurković, Krško NPP, zeljko.jurkovic@nek.si Abstract Various regulations and standards require from electrical power system of the

More information

NCUA LETTER TO CREDIT UNIONS

NCUA LETTER TO CREDIT UNIONS NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster

More information

Design & Implementation about Mining Enterprise EAM (Enterprise Asset Management) System

Design & Implementation about Mining Enterprise EAM (Enterprise Asset Management) System Design & Implementation about Mining Enterprise EAM (Enterprise Asset Management) System Wang Huan, Li Changliang, Wang Dianlong Anshan Iron and Steel Group Corporation Mining Industry Company Abstract:

More information

System Aware Cyber Security

System Aware Cyber Security System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology to the Cyber Security of Physical Systems Barry M. Horowitz, Kate Pierce University of Virginia April, 2012

More information

Infrastructure Interdependencies

Infrastructure Interdependencies Infrastructure Interdependencies Terrence K. (Terry) Kelly, Ph.D. Senior National Security Officer White House Office of Science and Technology Policy based in part on an article to appear in IEEE Control

More information

Emergency Operations California State University Los Angeles

Emergency Operations California State University Los Angeles Business Continuity Plan Emergency Operations California State University Los Angeles 1. Objective & Scope 2. Definition of Disaster 3. Risk and Business Impact Analysis Summary 4. Business Continuity

More information

ELEMENTS OF A POWER SYSTEMS RISK ANALYSIS AND RELIABILITY STUDY

ELEMENTS OF A POWER SYSTEMS RISK ANALYSIS AND RELIABILITY STUDY ELEMENTS OF A POWER SYSTEMS RISK ANALYSIS AND RELIABILITY STUDY OLIVER K. HUNG SENIOR MEMBER IEEE Universal Dynamics Limited 100-13700 International Place Richmond, CANADA V6V 2X8 AND WILLIAM A. GOUGH

More information

Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching, and Software Development

Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching, and Software Development Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity (IC) 3 12 February 2015 Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching,

More information

REQUIREMENTS FOR A REAL-TIME RISK MONITORING TOOL TO REDUCE TRANSMISSION GRID NUCLEAR PLANT VULNERABILITIES

REQUIREMENTS FOR A REAL-TIME RISK MONITORING TOOL TO REDUCE TRANSMISSION GRID NUCLEAR PLANT VULNERABILITIES REQUIREMENTS FOR A REAL-TIME RISK MONITORING TOOL TO REDUCE TRANSMISSION GRID NUCLEAR PLANT VULNERABILITIES M. D. Muhlheim, 1 L. C. Markel, 2 F. J. Rahn, 3 and B. P. Singh 4 1 Oak Ridge National Laboratory,

More information

Summary of CIP Version 5 Standards

Summary of CIP Version 5 Standards Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have

More information

FRCC Standards Handbook. FRCC Automatic Underfrequency Load Shedding Program. Revision Date: July 2003

FRCC Standards Handbook. FRCC Automatic Underfrequency Load Shedding Program. Revision Date: July 2003 F R C C FRCC Standards Handbook FRCC Automatic Underfrequency Load Shedding Program Revision Date: July 2003 FRCC Underfrequency Load Shedding Program Modification and Approval Process Requests to modify

More information

Research on Framework of Product Health Management Center Based on DoDAF

Research on Framework of Product Health Management Center Based on DoDAF A publication of CHEMICAL ENGINEERING TRANSACTIONS VOL. 33, 2013 Guest Editors: Enrico Zio, Piero Baraldi Copyright 2013, AIDIC Servizi S.r.l., ISBN 978-88-95608-24-2; ISSN 1974-9791 The Italian Association

More information

Best Practices for Creating Your Smart Grid Network Model. By John Dirkman, P.E.

Best Practices for Creating Your Smart Grid Network Model. By John Dirkman, P.E. Best Practices for Creating Your Smart Grid Network Model By John Dirkman, P.E. Best Practices for Creating Your Smart Grid Network Model By John Dirkman, P.E. Executive summary A real-time model of their

More information

A Risk Assessment Methodology (RAM) for Physical Security

A Risk Assessment Methodology (RAM) for Physical Security A Risk Assessment Methodology (RAM) for Physical Security Violence, vandalism, and terrorism are prevalent in the world today. Managers and decision-makers must have a reliable way of estimating risk to

More information

Information Technology Engineers Examination. Network Specialist Examination. (Level 4) Syllabus. Details of Knowledge and Skills Required for

Information Technology Engineers Examination. Network Specialist Examination. (Level 4) Syllabus. Details of Knowledge and Skills Required for Information Technology Engineers Examination Network Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination Version 2.0

More information

Network Mission Assurance

Network Mission Assurance Network Mission Assurance Michael F. Junod, Patrick A. Muckelbauer, PhD, Todd C. Hughes, PhD, Julius M. Etzl, and James E. Denny Lockheed Martin Advanced Technology Laboratories Camden, NJ 08102 {mjunod,pmuckelb,thughes,jetzl,jdenny}@atl.lmco.com

More information

Panel Session: Lessons Learned in Smart Grid Cybersecurity

Panel Session: Lessons Learned in Smart Grid Cybersecurity PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory

More information

Deputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security.

Deputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security. Deputy Chief Financial Officer Peggy Sherry And Chief Information Security Officer Robert West U.S. Department of Homeland Security Testimony Before the Subcommittee on Government Organization, Efficiency

More information

REINVESTMENT STRATEGY MAKING FOR DISTRIBUTION NETWORKS

REINVESTMENT STRATEGY MAKING FOR DISTRIBUTION NETWORKS REINVESTMENT STRATEGY MAKING FOR DISTRIBUTION NETWORKS Maria D. Catrinu, Agnes Nybø, SINTEF Energy Research maria.d.catrinu@sintef.no, agnes.nybo@sintef.no, Dag Eirik Nordgård NTNU Dag.E.Nordgard@elkraft.ntnu.no

More information

PUBLIC UTILITIES COMMISSIO~t~ Docket No. DE 15-

PUBLIC UTILITIES COMMISSIO~t~ Docket No. DE 15- Th~NALZZ~ Exhibit STATE OF NEW HAMPSHIRE t~~eeee BEFORE THE FROM FILE PUBLIC UTILITIES COMMISSIO~t~ Liberty Utilities (Granite State Electric) Corp. dibla Liberty Utilities Calendar Year 2014 Reliability

More information

Testimony of Eunice Santos. House Oversight and Government Affairs Committee Subcommittee on Information Technology

Testimony of Eunice Santos. House Oversight and Government Affairs Committee Subcommittee on Information Technology Testimony of Eunice Santos Before the House Oversight and Government Affairs Committee Subcommittee on Information Technology Federal Efforts to Improve Cybersecurity June 20 th, 2016 Chicago, Illinois

More information

Prediction of DDoS Attack Scheme

Prediction of DDoS Attack Scheme Chapter 5 Prediction of DDoS Attack Scheme Distributed denial of service attack can be launched by malicious nodes participating in the attack, exploit the lack of entry point in a wireless network, and

More information

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic

More information

CIPS 2011 Awarded Grants. Project number Applicant's name Ctry Title Description Grant

CIPS 2011 Awarded Grants. Project number Applicant's name Ctry Title Description Grant CIPS 2011 Awarded Grants Project number Applicant's name Ctry Title Description Grant HOME/2011/CIPS/AG/2012 NATIONAL INSTUTE COMMUNICATION TECHNOLOGIES (INTECO) ES SCADA laboratory and testbed as a service

More information

StrategyDriven.com. Organizational Performance Measures. Types. Business Execution Series...

StrategyDriven.com. Organizational Performance Measures. Types. Business Execution Series... StrategyDriven.com Business Execution Series... Organizational Performance Measures Types Copyright 2007 by Nathan A. Ives. All rights reserved. Limit of Liability/Disclaimer of Warranty: While the author

More information

Automotive Black Box Data Recovery Systems

Automotive Black Box Data Recovery Systems Introduction Automotive Black Box Data Recovery Systems By Don Gilman For years, airplane crash investigators have had the benefit of retrieving data from the flight-data recorder, or "black box." This

More information

Four Steps to Disaster Recovery and Business Continuity using iscsi

Four Steps to Disaster Recovery and Business Continuity using iscsi White Paper Four Steps to Disaster Recovery and Business Continuity using iscsi It s a fact of business life physical, natural, and digital disasters do occur, and they interrupt operations and impact

More information

Utility Communications FOXMAN-UN Network Management System for ABB Communication Equipment

Utility Communications FOXMAN-UN Network Management System for ABB Communication Equipment Utility Communications FOXMAN-UN Network Management System for ABB Communication Equipment A reliable & flexible communication network lies at the heart of successful electrical grid operations. A comprehensive

More information

Disaster Preparedness & Response

Disaster Preparedness & Response 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B C E INTRODUCTION AND PURPOSE REVIEW ELEMENTS ABBREVIATIONS NCUA REFERENCES EXTERNAL REFERENCES Planning - Ensuring

More information

Effective Practices in Deploying Mobile Computing Devices for Field Operations in Process Industries

Effective Practices in Deploying Mobile Computing Devices for Field Operations in Process Industries PROCEEDINGS of the HUMAN FACTORS AND ERGONOMICS SOCIETY 48th ANNUAL MEETING 2004 1155 Effective Practices in Deploying Mobile Computing Devices for Field Operations in Process Industries John Hajdukiewicz

More information

EA Technology (UK) EA Technology (UK) NEDL (UK)

EA Technology (UK) EA Technology (UK) NEDL (UK) Optimising Customer Information and the Fault Management Process D C Newis L Roberts John Barnett EA Technology (UK) EA Technology (UK) NEDL (UK) SUMMARY Electricity companies are under increasing pressure

More information

Essential Cooling System Requirements for Next Generation Data Centers

Essential Cooling System Requirements for Next Generation Data Centers Essential Cooling System Requirements for Next Generation Data Centers White Paper #5 Revision 3 Executive Summary Effective mission critical installations must address the known problems and challenges

More information

Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure

Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure Presentation to the U.S. Department of Energy by the IEEE Joint Task Force on QER Trends: Resilience

More information

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com SCADA Business Continuity and Disaster Recovery Presented By: William Biehl, P.E. 913-601-0104 (mobile) Bill.Biehl@we-inc.com Business Continuity Planning, a Sound Process A Business Continuity Plan: "A

More information

Essential Power System Requirements for Next Generation Data Centers

Essential Power System Requirements for Next Generation Data Centers Essential Power System Requirements for Next Generation Data Centers White Paper #4 Revision 4 Executive Summary Effective mission critical installations must address the known problems and challenges

More information

ROAD WEATHER INFORMATION AND WINTER MAINTENANCE MANAGEMENT SYSTEM ICELAND

ROAD WEATHER INFORMATION AND WINTER MAINTENANCE MANAGEMENT SYSTEM ICELAND ROAD WEATHER INFORMATION AND WINTER MAINTENANCE MANAGEMENT SYSTEM ICELAND Björn Ólafsson, Head of Service Departament, Public Road Administration, Iceland The following flow chart shows the relation between

More information

Federal Wage System Job Grading Standards for Electric Power Controlling, 5407. Table of Contents

Federal Wage System Job Grading Standards for Electric Power Controlling, 5407. Table of Contents Federal Wage System Job Grading Standards for Electric Power Controlling, 5407 Table of Contents WORK COVERED... 2 WORK NOT COVERED...2 TITLES... 2 GRADE LEVELS... 2 SPECIAL ADDITIONAL RESPONSIBILITIES...

More information

SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY

SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute

More information

6545(Print), ISSN 0976 6553(Online) Volume 4, Issue 2, March April (2013), IAEME & TECHNOLOGY (IJEET)

6545(Print), ISSN 0976 6553(Online) Volume 4, Issue 2, March April (2013), IAEME & TECHNOLOGY (IJEET) INTERNATIONAL International Journal of JOURNAL Electrical Engineering OF ELECTRICAL and Technology (IJEET), ENGINEERING ISSN 0976 & TECHNOLOGY (IJEET) ISSN 0976 6545(Print) ISSN 0976 6553(Online) Volume

More information

Business Continuity Position Description

Business Continuity Position Description Position Description February 9, 2015 Position Description February 9, 2015 Page i Table of Contents General Characteristics... 2 Career Path... 3 Explanation of Proficiency Level Definitions... 8 Summary

More information

OPERATIONS CAPITAL. The Operations Capital program for the test years is divided into two categories:

OPERATIONS CAPITAL. The Operations Capital program for the test years is divided into two categories: Filed: September 0, 00 EB-00-0 Tab Schedule Page of OPERATIONS CAPITAL.0 INTRODUCTION Operations Capital funds enhancements and replacements to the facilities required to operate the Hydro One Transmission

More information

Tutorial on Probabilistic Risk Assessment (PRA)

Tutorial on Probabilistic Risk Assessment (PRA) Tutorial on Probabilistic Risk Assessment (PRA) What is a PRA? Risk assessments include identification and analysis of Initiating events Circumstances that put a nuclear plant in an off-normal condition

More information

SureSense Software Suite Overview

SureSense Software Suite Overview SureSense Software Overview Eliminate Failures, Increase Reliability and Safety, Reduce Costs and Predict Remaining Useful Life for Critical Assets Using SureSense and Health Monitoring Software What SureSense

More information

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble

More information

2014 Polk County ESF #2 Communications. Public Version. Public Version-Polk County ESF #2 Communications 2014

2014 Polk County ESF #2 Communications. Public Version. Public Version-Polk County ESF #2 Communications 2014 2014 Polk County ESF #2 Communications Public Version ESF#2 Communications 2014 Polk County Emergency Management Agency Page 1 of 13 Table of Contents 1. Introduction... 3 1.1 Purpose of ESF #2: Communication...

More information

More than Just Monitoring - A Virtual Technician

More than Just Monitoring - A Virtual Technician Next Generation Monitoring of Substations More than Just Monitoring - A Virtual Technician C. Harper Anderton Contents Introduction... 1 Smoke signals vs fiber optic... 1 Standard response vs smart response...

More information

Government Degree on the Safety of Nuclear Power Plants 717/2013

Government Degree on the Safety of Nuclear Power Plants 717/2013 Translation from Finnish. Legally binding only in Finnish and Swedish. Ministry of Employment and the Economy, Finland Government Degree on the Safety of Nuclear Power Plants 717/2013 Chapter 1 Scope and

More information

TELECOMMUNICATION SYSTEM HAZARD MITIGATION STRATEGIC PLANNING

TELECOMMUNICATION SYSTEM HAZARD MITIGATION STRATEGIC PLANNING TELECOMMUNICATION SYSTEM HAZARD MITIGATION STRATEGIC PLANNING A.K. Tang 1 1 President, L&T Engineering and Project Management Consultant, Mississauga. Canada Email: alexktang@mac.com ABSTRACT: Telecommunication

More information

Electric Field Operations Organization

Electric Field Operations Organization NSTAR Electric Transmission Function Job Summaries Electric Field Operations Organization Vice President, Electric Field Operations (Transmission) This position has primary responsibility for the planning,

More information

Contingency planning. DAU Marts 2013

Contingency planning. DAU Marts 2013 ning DAU Marts 2013 Agenda Introduction Process definition Activation and notification Recovery Reconstruction Evaluation Examples Do and Don t Why bother? Information provided by information technology

More information

Massachusetts Institute of Technology. Functional Area Recovery Management Team Plan Development Template

Massachusetts Institute of Technology. Functional Area Recovery Management Team Plan Development Template Massachusetts Institute of Technology Functional Area Recovery Management Team Plan Development Template Public Distribution Version For further information, contact: Jerry Isaacson MIT Information Security

More information

Safeguards and Security

Safeguards and Security Safeguards and Security Overview The Safeguards and Security (S&S) program mission is to support Departmental research at Office of Science (SC) laboratories by ensuring appropriate levels of protection

More information

Electromagnetic Pulse: Effects on the U.S. Power Grid

Electromagnetic Pulse: Effects on the U.S. Power Grid Executive Summary The nation s power grid is vulnerable to the effects of an electromagnetic pulse (EMP), a sudden burst of electromagnetic radiation resulting from a natural or man-made event. EMP events

More information

CONTINUITY OF OPERATION PLAN (COOP) FOR NONPROFIT HUMAN SERVICES PROVIDERS

CONTINUITY OF OPERATION PLAN (COOP) FOR NONPROFIT HUMAN SERVICES PROVIDERS A L L I A N C E F O R H U M A N S E R V I C E S www.alliance4hs.org CONTINUITY OF OPERATION PLAN (COOP) FOR NONPROFIT HUMAN SERVICES PROVIDERS ALLIANCE FOR HUMAN SERVICES & MIAMI-DADE COUNTY OFFICE OF

More information

City of Buffalo Municipal Electric Utility Energy Emergency Response

City of Buffalo Municipal Electric Utility Energy Emergency Response City of Buffalo Municipal Electric Utility Energy Emergency Response Table of Contents Page 1. Goals 2 2. Types of Energy Emergencies..3 3. Utility Emergency Operating Plans.4 4. Link to General Reliability/Outage

More information

Fault Tolerant Servers: The Choice for Continuous Availability on Microsoft Windows Server Platform

Fault Tolerant Servers: The Choice for Continuous Availability on Microsoft Windows Server Platform Fault Tolerant Servers: The Choice for Continuous Availability on Microsoft Windows Server Platform Why clustering and redundancy might not be enough This paper discusses today s options for achieving

More information

Introduction. Background

Introduction. Background Predictive Operational Analytics (POA): Customized Solutions for Improving Efficiency and Productivity for Manufacturers using a Predictive Analytics Approach Introduction Preserving assets and improving

More information

CIP-014-1 Physical Security. Nate Roberts CIP Security Auditor I

CIP-014-1 Physical Security. Nate Roberts CIP Security Auditor I CIP-014-1 Physical Security Nate Roberts CIP Security Auditor I Notes Critical Infrastructure Protection (CIP) Standard CIP-014-1 is currently pending approval by the Federal Energy Regulatory Commission

More information

Risk Management in Practice A Guide for the Electric Sector

Risk Management in Practice A Guide for the Electric Sector Risk Management in Practice A Guide for the Electric Sector Annabelle Lee Senior Technical Executive ICCS European Engagement Summit April 28, 2015 Before we continue let s get over our fears and myths

More information

Energy Systems Integration

Energy Systems Integration Energy Systems Integration Dr. Martha Symko-Davies Director of Partnerships, ESI March 2015 NREL is a national laboratory of the U.S. Department of Energy, Office of Energy Efficiency and Renewable Energy,

More information

Why Migrate to the Cloud. ABSS Solutions, Inc. 2014

Why Migrate to the Cloud. ABSS Solutions, Inc. 2014 Why Migrate to the Cloud ABSS Solutions, Inc. 2014 ASI Cloud Services Information Systems Basics Cloud Fundamentals Cloud Options Why Move to the Cloud Our Service Providers Our Process Information System

More information

GUIDANCE FOR ASSESSING THE LIKELIHOOD THAT A SYSTEM WILL DEMONSTRATE ITS RELIABILITY REQUIREMENT DURING INITIAL OPERATIONAL TEST.

GUIDANCE FOR ASSESSING THE LIKELIHOOD THAT A SYSTEM WILL DEMONSTRATE ITS RELIABILITY REQUIREMENT DURING INITIAL OPERATIONAL TEST. GUIDANCE FOR ASSESSING THE LIKELIHOOD THAT A SYSTEM WILL DEMONSTRATE ITS RELIABILITY REQUIREMENT DURING INITIAL OPERATIONAL TEST. 1. INTRODUCTION Purpose The purpose of this white paper is to provide guidance

More information

Guidance for the Quality Assurance of Fire Protection Systems

Guidance for the Quality Assurance of Fire Protection Systems Guidance for the Quality Assurance of Fire Protection Systems Prepared for: Office of Energy Research Office of Environment, Safety and Health Technical Support Prepared by: Roy F. Weston, Inc. October

More information

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT

More information

A Security Approach in System Development Life Cycle

A Security Approach in System Development Life Cycle A Security Approach in System Development Life Cycle (1) P.Mahizharuvi, Research Scholar, Dept of MCA, Computer Center, Madurai Kamaraj University, Madurai. mahiconference@gmail.com (2) Dr.K.Alagarsamy,

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

Report in respect of. Service Disruption on 9 April 2012

Report in respect of. Service Disruption on 9 April 2012 Report in respect of Service Disruption on 9 April 2012 1. Introduction On 9 April 2012, a power outage occurred in the Shatin Switching Centre, one of three switching centres deployed by SmarTone Mobile

More information

Monitoring the public safety radio system in 2015. Henry County, P.O.Box 7, Collinsville, VA 24078

Monitoring the public safety radio system in 2015. Henry County, P.O.Box 7, Collinsville, VA 24078 Henry County, Virginia Monitoring the public safety radio system in 2015 6. Information Technology Christian Youngblood Director Information Services Henry County, P.O.Box 7, Collinsville, VA 24078 (276)

More information

Opportunities to Overcome Key Challenges

Opportunities to Overcome Key Challenges The Electricity Transmission System Opportunities to Overcome Key Challenges Summary Results of Breakout Group Discussions Electricity Transmission Workshop Double Tree Crystal City, Arlington, Virginia

More information

ComEd Grid Modernization

ComEd Grid Modernization ComEd Grid Modernization Dan Gabel Manager, Smart Grid and Technology September 30, 2013 THE STORM OF THE CENTURY IS BECOMING THE NORM Summer of 2011 Most damaging storm season on record for ComEd Eleven

More information

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1 A. Introduction 1. Title: 2. Number: 3. Purpose: To prevent and detect unauthorized changes to BES cyber systems by specifying configuration change management and vulnerability assessment requirements

More information

Metrics to Assess and Manage Software Application Security Risk. M. Sahinoglu, S. Stockton, S. Morton, P. Vasudev, M. Eryilmaz

Metrics to Assess and Manage Software Application Security Risk. M. Sahinoglu, S. Stockton, S. Morton, P. Vasudev, M. Eryilmaz Metrics to Assess and Manage Software Application Security Risk M. Sahinoglu, S. Stockton, S. Morton, P. Vasudev, M. Eryilmaz Auburn University at Montgomery (AUM) and ATILIM University, Ankara msahinog@aum.edu,

More information

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4 State Agency Cybersecurity Survey v 3.4 The purpose of this survey is to identify your agencies current capabilities with respect to information systems/cyber security and any challenges and/or successes

More information

Emergency Preparedness Guidelines

Emergency Preparedness Guidelines DM-PH&SD-P7-TG6 رقم النموذج : I. Introduction This Guideline on supports the national platform for disaster risk reduction. It specifies requirements to enable both the public and private sector to develop

More information

Application Support Solution

Application Support Solution Application Support Solution White Paper This document provides background and administration information on CAI s Legacy Application Support solution. PRO00001-MNGMAINT 080904 Table of Contents 01 INTRODUCTION

More information

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006 Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an

More information

SOUTH CAROLINA. Standard for Interconnecting Small Generation 100 kw or Less with Electric Power Systems (EPS) (Interconnection Standard)

SOUTH CAROLINA. Standard for Interconnecting Small Generation 100 kw or Less with Electric Power Systems (EPS) (Interconnection Standard) SOUTH CAROLINA Standard for Interconnecting Small Generation 100 kw or Less with Electric Power Systems (EPS) (Interconnection Standard) 1. Overview: This Standard contains the requirements, in addition

More information

Section 2: Overview of Wireless Broadband Networks

Section 2: Overview of Wireless Broadband Networks Section 2: Overview of Wireless Broadband Networks 2.1 Introduction to Broadband Network Elements Over the past decade, technological innovation and a motivation to deploy broadband in new, efficient ways

More information

Section 6 Fire Detection and Alarm Systems Russell Porteous Chief Executive Officer Firewize Services

Section 6 Fire Detection and Alarm Systems Russell Porteous Chief Executive Officer Firewize Services Section 6 Fire Detection and Alarm Systems Russell Porteous Chief Executive Officer Firewize Services General Information Section 6 of AS1851-2012 covers: Fire Detection and Alarms Systems Electrical Detection

More information

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC Visualization, Modeling and Predictive Analysis of Internet Attacks Thermopylae Sciences + Technology, LLC Administrative POC: Ms. Jeannine Feasel, jfeasel@t-sciences.com Technical POC: George Romas, gromas@t-sciences.com

More information

Cyber Security and Privacy - Program 183

Cyber Security and Privacy - Program 183 Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology

More information

Increased power protection with parallel UPS configurations

Increased power protection with parallel UPS configurations Increased power protection with parallel UPS configurations Making the selection between Centralized Bypass and Distributed Bypass systems Janne Paananen Application Engineer, Large Systems Group Eaton

More information

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015. Electric Grid Operations

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015. Electric Grid Operations San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015 Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission

More information

NERC Cyber Security Standards

NERC Cyber Security Standards SANS January, 2008 Stan Johnson Manager of Situation Awareness and Infrastructure Security Stan.johnson@NERC.net 609-452-8060 Agenda History and Status of Applicable Entities Definitions High Level of

More information

Agenda do Mini-Curso. Sérgio Yoshio Fujii. Ethan Boardman. sergio.fujii@areva-td.com. ethan.boardman@areva-td.com

Agenda do Mini-Curso. Sérgio Yoshio Fujii. Ethan Boardman. sergio.fujii@areva-td.com. ethan.boardman@areva-td.com Agenda do Mini-Curso Sérgio Yoshio Fujii sergio.fujii@areva-td.com Ethan Boardman ethan.boardman@areva-td.com Agenda do Mini-Curso Sistemas de Distribuição (DMS) Characteristics of Distribution Network

More information

Data Security Concerns for the Electric Grid

Data Security Concerns for the Electric Grid Data Security Concerns for the Electric Grid Data Security Concerns for the Electric Grid The U.S. power grid infrastructure is a vital component of modern society and commerce, and represents a critical

More information

CISM Certified Information Security Manager

CISM Certified Information Security Manager CISM Certified Information Security Manager Firebrand Custom Designed Courseware Chapter 4 Information Security Incident Management Exam Relevance Ensure that the CISM candidate Establish an effective

More information

Learning Outcomes. Systems Engineering. Risk. Risk Management

Learning Outcomes. Systems Engineering. Risk. Risk Management Systems Engineering Lecture 11 and Criticality Dr. Joanna Bryson Dr. Leon Watts University of Bath Department of Computer Science 1 Learning Outcomes After the lecture and doing the reading, you should

More information

OVERVIEW HIGHLIGHTS. Exsys Corvid Datasheet 1

OVERVIEW HIGHLIGHTS. Exsys Corvid Datasheet 1 Easy to build and implement knowledge automation systems bring interactive decision-making expertise to Web sites. Here s proven technology that provides customized, specific recommendations to prospects,

More information

Ongoing Help Desk Management Plan

Ongoing Help Desk Management Plan Ongoing Help Desk Management Plan HELP DESK IMPLEMENTATION /MANAGEMENT The Vendor shall provide in its Response to DIR a Help Desk Implementation Plan which shall include, but not be limited to: a. Customer

More information

DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning

DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning Your Documents. Our Management. DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning Dr. Robert L. Bailey, CRM, MIT, ECMp L E A R N M O R E A B O U T D A S T A A T W W W. D R M.

More information

ITMF Disaster Recovery and Business Continuity Committee Report for the UGA IT Master Plan

ITMF Disaster Recovery and Business Continuity Committee Report for the UGA IT Master Plan ITMF Disaster Recovery and Business Continuity Committee Report for the UGA IT Master Plan I. Executive Summary Planning for continued operation during unforeseen catastrophic events, and for returning

More information

The Advantages of an Integrated Factory Acceptance Test in an ICS Environment

The Advantages of an Integrated Factory Acceptance Test in an ICS Environment The Advantages of an Integrated Factory Acceptance Test in an ICS Environment By Jerome Farquharson, Critical Infrastructure and Compliance Practice Manager, and Alexandra Wiesehan, Cyber Security Analyst,

More information

The Business Continuity Maturity Continuum

The Business Continuity Maturity Continuum The Business Continuity Maturity Continuum Nick Benvenuto & Brian Zawada Protiviti Inc. 2004 Protiviti Inc. EOE Agenda Terminology Risk Management Infrastructure Discussion A Proposed Continuity Maturity

More information