PROJECT BOEING SGS. Interim Technology Performance Report 1. Company Name: The Boeing Company. Contract ID: DE-OE0000191

Similar documents
PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE

Final Technical Report. Contract ID: DE-OE Project Type: Regional Demonstration. Revision: V2. Recipient: The Boeing Company

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Information Technology Risk Management

future data and infrastructure

Risk Management Guide for Information Technology Systems. NIST SP Overview

Enterprise Security Tactical Plan

Cyber Security Metrics Dashboards & Analytics

The Importance of Cybersecurity Monitoring for Utilities

Cyber Security Risk Management: A New and Holistic Approach

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Cyber Security and Privacy - Program 183

TRIPWIRE NERC SOLUTION SUITE

NERC CIP VERSION 5 COMPLIANCE

Panel Session: Lessons Learned in Smart Grid Cybersecurity

FREQUENTLY ASKED QUESTIONS

Cybersecurity: What CFO s Need to Know

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Defending Against Data Beaches: Internal Controls for Cybersecurity

O N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y

Breakthrough Cyber Security Strategies. Introducing Honeywell Risk Manager

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

How To Audit The Mint'S Information Technology

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

Critical Controls for Cyber Security.

Comparison of Information Sharing, Monitoring and Countermeasures Provisions in the Cybersecurity Bills

Lessons from Defending Cyberspace

Advanced Threat Protection with Dell SecureWorks Security Services

NIST National Institute of Standards and Technology

CYBER SECURITY GUIDANCE

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe

Cisco Security Optimization Service

Information Security Office

Getting real about cyber threats: where are you headed?

Performing Effective Risk Assessments Dos and Don ts

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

Office of Inspector General

Network Test Labs Inc Security Assessment Service Description Complementary Service Offering for New Clients

Ecom Infotech. Page 1 of 6

Cyber Security for NERC CIP Version 5 Compliance

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

Eliminating Cybersecurity Blind Spots

SECURITY CONTROLS AND RISK MANAGEMENT FRAMEWORK

GUIDE TO INFORMATION SECURITY TESTING AND ASSESSMENT

Information Technology Security Review April 16, 2012

I D C A N A L Y S T C O N N E C T I O N

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Managing IT Security with Penetration Testing

The SIEM Evaluator s Guide

William Hery Research Professor, Computer Science and Engineering NYU-Poly

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Get Confidence in Mission Security with IV&V Information Assurance

SANS Top 20 Critical Controls for Effective Cyber Defense

THE TOP 4 CONTROLS.

Update On Smart Grid Cyber Security

whitepaper The Benefits of Integrating File Integrity Monitoring with SIEM

CMS Information Security Risk Assessment (RA) Methodology

SECURITY. Risk & Compliance Services

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB Cyber Risk Management Guidance. Purpose

NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

OFFICE OF THE SECRETARY OF DEFENSE 1700 DEFENSE PENTAGON WASHINGTON, DC

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

Verve Security Center

GE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance

Professional Services Overview

Looking at the SANS 20 Critical Security Controls

LogRhythm and NERC CIP Compliance

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

Strategic Plan On-Demand Services April 2, 2015

Property of NBC Universal

Obtaining Enterprise Cybersituational

NHTSA S AUTOMOTIVE CYBERSECURITY RESEARCH. Arthur Carter, Frank Barickman, NHTSA

Extreme Networks Security Analytics G2 Risk Manager

Big Data and Security: At the Edge of Prediction

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

A Love Affair: Cyber Security, Big-data and Risk

AUDIT REPORT. Cybersecurity Controls Over a Major National Nuclear Security Administration Information System

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

Client Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs

IG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY

Attachment A. Identification of Risks/Cybersecurity Governance

NASA OFFICE OF INSPECTOR GENERAL

Continuous Network Monitoring

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

IBM QRadar Security Intelligence April 2013

Effective Threat Management. Building a complete lifecycle to manage enterprise threats.

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

CyberReady Solutions. Integrated Threat Intelligence and Cyber Operations MONTH DD, YYYY SEPTEMBER 8, 2014

IBM Security QRadar Risk Manager

Guide to Developing a Cyber Security and Risk Mitigation Plan

PROPOSED INTERPRETIVE NOTICE

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Behavioral Interview Guidelines by Job Roles

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

Understanding SCADA System Security Vulnerabilities

VULNERABILITY ASSESSMENT AND SURVEY PROGRAM. Overview of Assessment Methodology. U.S. Department of Energy Office of Energy Assurance

Energy Cybersecurity Regulatory Brief

Transcription:

Interim Techlogy Performance Report 1 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V2 Company Name: The Boeing Company December 10, 2012 1

Interim Techlogy Performance Report 1 TABLE OF CONTENTS 1. INTRODUCTION... 3 2. GRID LEVEL BENEFITS OVERVIEW... 4 3. CYBER SECURITY RISK ASSESSMENT... 5 3.1 METHODOLOGY... 5 3.2 USE OF AUTOMATED TOOLS... 6 3.3 RISK EVALUATION... 6 4. REMEDIATION AND CONTROLS... 8 4.1 20 CRITICAL CONTROLS FOR EFFECTIVE CYBER DEFENSE... 8 4.2 ITERATION 1 DESIGN AND DEVELOPMENT CANDIDATES... 8 5. SUMMARY AND NEXT STEPS... 9 Appendix A - Smart Grid Benefits Impact Areas.... 10 2

Interim Techlogy Performance Report 1 1. Introduction This document represents the first of three Interim Techlogy Performance Reports for the Project Boeing SGS. Under a cooperative agreement with the Department of Energy, Boeing and its partner, PJM Interconnection, have teamed to demonstrate advanced techlogy solutions focused on cyber security in an energy management environment on the US regional power grid. The team is employing a combination of processes, techniques and techlogies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor cyber-security risks to critical systems. The successful completion of the project s objectives will benefit residents throughout the entire region and provide future opportunity to scale and replicate across the energy grid. This Techlogy Performance Report, identified as TPR1 on the Project Integrated Schedule shown in Figure 1, covers the critical Phase I Risk Assessment and the initial portion of the Phase II Solution Design and Development. Solution development and deployment is being undertaken in a serial-parallel fashion consisting of multiple iterations of specific candidate solutions designed to mitigate vulnerabilities uncovered during the Phase I Risk Assessment. Figure 1- Project Boeing SGS Integrated Schedule Boeing Tier 1 Schedule 10/25/12 Tasks 2011 2012 2013 2014 S O N D J F M A M J J A S O N D J F M A M J J A S O N D J F M A Program Milestones Amendment 003 Program Phase I Review Phase IV Demo Readiness Review Authority to Proceed Close-Out Phase II Go / No-Go Phase III Go / No-Go Phase IV Demonstration Complete Final Technical Program Mgmt Review (PMR) PMR PMR Report Complete Key Events Phase I Project Definition / Risk Assessment Phase II Solution Design and Development Phase III Solution Deployment Phase IV Solution Demo Program Close-Out Interim Demonstrations TPR 1 Includes results of RBA TPR 2 Includes results 1 st half solutions TPR 3 Includes results 2 nd half solutions FTR Final Technical Report Boeing Proprietary 3

Interim Techlogy Performance Report 1 2. Grid Level Benefits Overview Enhanced protection of critical grid infrastructure from potential cyber-induced harm is a fundamental societal benefit realized through the execution of this project. Assessing the discrete cyber-security risk to the electrical grid as a whole or even as a control region such as that represented by PJM s control territory is beyond the scope of this project. However, by focusing the project s cyber-security riskbased assessment on PJM s critical systems, subsequent remediation efforts (both project funded and off-project funded) will ultimately address those vulnerabilities that are most critical to providing an improved level of cyber-security for the electrical grid. The project team has completed the Phase I Risk Based Assessment of PJM s critical systems, the results of which will guide the subsequent solution development, deployment, and demonstration phases of the project. Figure 2- Project Boeing SGS Linkage to Smart Grid Benefits The key activities and outcomes of the Cyber-Security Risk Assessment are depicted graphically in the first block of Figure 2. The risk assessment culminated in a risk matrix derived from the pairing of likely threat actors (sources) to identified critical asset vulnerabilities. The second block of Figure 2 depicts cyber-security control remediation directed at identified vulnerabilities. Solution development and deployment candidate activities have already commenced and the remaining phases of the project will be focused on these activities. The final block depicts the Smart Grid Benefits of improved reliability and reduced potential for cyber-induced grid disruption that result both directly, from activities funded as a result of this project, and indirectly, from activities funded outside of this project that result from findings of the of the project s risk based assessment. Additional indirect benefits may also be realized across the electrical sector through opportunities to replicate the processes, tools, techniques and solutions developed on this Smart Grid demonstration project. 4

Interim Techlogy Performance Report 1 3. Cyber Security Risk Assessment A fundamental first step of the project was to determine cyber security risks to the PJM network / information system that supports the regional Bulk Electric System (BES) operated by PJM. Risk management of the PJM information system is essential to protecting cyber assets and thus PJM s overall mission. The risk management process identifies risks, assesses risks, and then takes steps to reduce risk to an acceptable level. This section summarizes the completed Phase I Risk Assessment. The scope of this assessment was constrained to high-value PJM information systems and provides a baseline for remediation efforts. 3.1 Methodology The risk assessment adhered to NIST Special Publication 800-30 (Risk Management Guide for Information Techlogy Systems) by executing each of the eight defined steps while tailoring step details for the energy sector. Step 1 determined the portion of the PJM system to be assessed which resulted in focusing the data collection and assessment to the PJM Identified high-value systems and followed by a further narrowing to three high-value systems and their support systems. Step 2 defined seven potential human threat-sources in two groupings: external (nation-state, terrorist, industrial spy/organized crime, hacktivist/hacker) and internal (employee, member, and vendor). The assessment focused on human threat-sources as opposed to natural and environmental threat-sources due to resource constraints and because PJM policies, standards and procedures already mitigate natural and environmental threats. Step 3 defined applicable vulnerabilities as the 52 vulnerability categories and associated definitions in NISTIR-7628 (Guidelines for Smart Grid Cyber Security, Vol 3). This set is considered energy sectorapplicable and comprehensive because it includes vulnerabilities related to policy, software/firmware, platforms, and networks. In addition, step 3 identified specific PJM vulnerabilities which were also associated with each of the 52 categories and applied in following steps. Step 4 identified the current PJM security controls that apply to high-value systems. These controls were identified within PJM s policy, standards, and procedure documents (70 of 140 were considered applicable and reviewed). Each PJM control was associated with one of the 205 controls in the wellkwn standardized set from NIST SP800-53. Each standardized control was associated with one or more vulnerability categories in Step 3. It is the 364 (7x52) pairs of threat-sources and vulnerabilities from steps 2 and 3 and associated controls in step 4 that formed the threat space for the risk evaluation. Step 5 assigned a likelihood rating to each threat (a combination of a threat-source and vulnerability category mitigated by kwn controls). At the highest level, the likelihood rating is a subjective 5

Interim Techlogy Performance Report 1 judgment of how likely a threat is to be successful against one of the three high-value systems. A modified Open Web Application Security Project (OWASP) methodology was used to determine the likelihood rating (range 0-9) where larger values represent a more likely occurrence. Step 6 assigned an impact rating to each threat. Similar to the likelihood rating, the impact rating is an estimate of the likely damage if the threat was successful against one of the three high-value systems. A modified OWASP methodology was also used to determine the impact rating (range 0-9). Step 7 uses the likelihood rating (step 5) and impact rating (step 6) as an indicator of risk for each threat. This assessment has categorized risk into four levels: low, medium, high, and top high. Step 8 provides an analysis of PJM-specific vulnerabilities and their relationship to risks. 3.2 Use of Automated Tools Along with information gathered by Boeing during interviews with PJM Subject Matter Experts (SMEs), the deployment of automated security analysis tools contributed to the system characterization (Step 1) and vulnerability identification (Step 3) steps. For example one such tool automatically maps network access by analyzing network device configurations, including routers, firewalls and load-balancers and then correlates network access with the findings of vulnerability assessment scans to help make better network security decisions. Ather valuable tool, the Boeing Enterprise Network Security (ENS) tool was also used to help identify vulnerabilities (Step 3) in the PJM information system. ENS detects malicious activity occurring within the network during any of the four phases of the typical threat lifecycle: Phase 1 Reconnaissance: the attacker characterizes the targeted network/information system both from an external and internal viewpoint Phase 2 Intrusion: malware attempts to compromise specific elements of the network/information system Phase 3 Communications Establishment: malware will callback from a compromised internal host to an external command and control server Phase 4 Suspicious Data-In-Motion/Exfiltration: unauthorized data is moved either internal to or exfiltrated from the network/information system 3.3 Risk Evaluation After analyzing the impact and likelihood values for all potential threats, twenty-six (26) Top High risks were identified. Application security vulnerabilities show up as dominant with malware protection, integrity checking, and security architecture and design vulnerabilities to a lesser extent. Few threatvulnerability pairs are indicated in the Low Risk category due to the project focus on critical systems. 6

Interim Techlogy Performance Report 1 Figure 3- Risk Assessment Threat-Vulnerability Risk Matrix Overall, it was observed that PJM currently maintains a robust cyber security posture as witnessed by the following: A reasonable and consistent security training program A strong base of policies, standards, and procedures A good basic set of cyber monitoring tools A threat-aware, vigilant, skilled security/network staff 7

Interim Techlogy Performance Report 1 4. Remediation and Controls Guided by the risk assessment findings, the project team has begun specific solution development activities. While specific vulnerabilities (and associated risks) identified during the risk assessment will t be discussed in this report, general solution candidates for the first iteration of remediation and control response will be presented within a common control framework. 4.1 20 Critical Controls for Effective Cyber Defense The 20 Critical Controls for Effective Cyber Defense is a widely recognized framework of security controls, cooperatively developed between the US Government and industry subject matter experts, to establish a prioritized baseline of information security measures and controls that can be applied consistently across federal and commercial environments. Please refer to www.sans.org/criticalsecurity-controls/ for complete reference and most recent version as maintained by the SANS Organization including mappings to NIST Special Publication 800-53 Priority 1 Controls and NSA Manageable Network Plan content. 4.2 Iteration 1 Design and Development Candidates The project has identified five initial design and development candidates for the first of several remediation cycles. Figure 4 illustrates the general controls areas affected and indicates in which phases of the cyber threat lifecycle where security controls will be improved. Figure 4- Iteration 1 Solution Candidates by Threat Phase and Control Area 8

Interim Techlogy Performance Report 1 The 20 Critical Controls should be viewed more as control categories given that an organization as sophisticated as PJM already has a very large number of very specific controls in place in each of the 20 designated categories. The intent of this project is to direct resources to those areas with the potential to offer the largest degree of security return for the given investment applied. Collectively, the five Iteration 1 candidates fall into three general areas of interest. Enhanced Security Incident and Event Management (SIEM) The intent of this candidate is to enhance an already effective SIEM system through configuration changes and visibility improvements to address both general operational efficiencies and specific risk based assessment findings. Enhanced Malware Protection Several candidate solutions are in work in the area of malware protection to 1) address specific remediation of risk based assessment findings and 2) implement leading edge techlogy to demonstrate significant improvements in malware threat detection capability. Enhanced Application Security Several iteration candidates are in work that fall under the general topic area of Application Security, completion of which is intended to address issues more systematically and establish a framework going forward to enhance overall effectiveness of the Application Security program already in place at PJM. 5. Summary and Next Steps The Project Boeing SGS team has completed the Phase 1 risk-based cyber security assessment of PJM s critical cyber assets. The assessment results form the basis of all subsequent solution design and development activities undertaken within the scope of this project and may guide efforts undertaken outside the scope of this project as well. The first set of solution candidates has been determined and development and deployment of those solutions is currently underway. Candidate solutions for follow-on design and development iterations have also been identified and are currently under review for deployment in the follow-on iteration cycles. Subsequent Interim Techlogy Performance Reports will address the project team s ongoing development and deployment iterations and the remediation activities included in each. The Final Project Report will include a reassessment of the cyber security risk matrix capturing the total realized risk reduction to PJM s critical systems resulting from this Smart Grid demonstration project. 9

Interim Techlogy Performance Report 1 Appendix A- Smart Grid Benefit Impact Areas Benefit Category Ecomic Reliability Environmental Energy Security Benefit Arbitrage Revenue (consumer)* Capacity Revenue (consumer)* Ancillary Service Revenue (consumer)* Optimized Generator Operation Deferred Generation Capacity Investments Reduced Ancillary Service Cost Reduced Congestion Cost Deferred Transmission Capacity Investments Deferred Distribution Capacity Investments Reduced Equipment Failures Reduced Distribution Equipment Maintenance Cost Reduced Distribution Operations Cost Reduced Meter Reading Cost Reduced Electricity Theft Reduced Electricity Losses Reduced Electricity Cost (consumer) Reduced Electricity Cost * Reduced Sustained Outages (consumer) Reduced Major Outages (consumer) Reduced Restoration Cost Reduced Momentary Outages (consumer) Reduced Sags and Swells (consumer) Reduced carbon dioxide Emissions (society) Reduced SO X, NO X, and PM-10 Emissions (society) Reduced Oil Usage (society) Reduced Wide-scale Blackouts (society) Provided by Project? *These benefits are only applicable to energy storage demonstrations. yes yes yes Remarks / Estimates Potential for indirect measurement through avoidance of events Potential for indirect measurement through avoidance of events Potential for indirect measurement through avoidance of events 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information