Production in the Cloud


2/18/2013
Production in the Cloud
Presentation by: Rick Dmytryshyn, Program Manager
Ph. (303) 882-1282, E-mail: rick.dmytryshyn@willbros.com

Presentation Overview
- DEFINITION: What is the Cloud?
- SECURITY: Is a Cloud Solution for you and is it secure enough?
- EXECUTION: Ten (10) potential steps to executing a Cloud-Based Solution!
- Questions & Discussion

What is the Cloud?
Terminology, Definitions, Rationale:
- Simply put, "the Cloud" means "Cloud Computing".
- According to Business Insider (08/30/2012): "51% Of People Think Stormy Weather Affects 'Cloud Computing'".
- It is a method of computing that provides capacity in elastic ways, to either expand to meet user needs or contract when demand decreases.
- It is an infrastructure of on-demand capabilities using virtualized resources, including pools of storage, network, processing, and other computational resources that can be efficiently allocated when requested and quickly provisioned in a highly automated fashion.

Misperceptions & Concerns?
Initial Concerns:
- Ninety-five percent (95%) of those claiming they never use the Cloud actually do so daily via personal online banking, shopping, social networking, and storing photos and music.
- As the Cloud can appear to be everything to everyone, logical questions arise:
  - Is it appropriate for my industry?
  - Is it safe?
  - Is it secure in my business application?
  - How does one execute a Cloud Solution?
  - Are there aspects of a Cloud Solution that, if one does not pay attention upfront, will later rain down on the desired implementation goals?

Cloud Computing (Typical Infrastructure Components)
Simplistic Architecture:
[Diagram: Applications and Instances (SaaS) over a Public Network; Virtualization, Storage/Servers (PaaS) over TCP/IP; Hypervisor and Physical Computer Hardware (IaaS) over a Private Network]
- Cloud Deployment Model: Public, Private, Hybrid
- PaaS - Platform as a Service (Build)
- IaaS - Infrastructure as a Service (Host)
- SaaS - Software as a Service (Consume)
- IaaS & PaaS is what we use to create SaaS

S²aaS (Service as a Service)
A Step Further:
- Consultants and Service Companies are now looking at providing S²aaS solutions, which, in the case of Willbros, is a term meaning: Service as a Service.
- These companies don't strive to be Cloud Providers or build PaaS or IaaS environments on their own, in and of themselves.
- The focus is to provide Consulting Support and a complete Cloud Solution focusing on both SaaS and S²aaS Components.
- As an aside, Willbros is one of these Cloud Solution and Services experts and strives to help its clients and potential clients with their Cloud Solution & SCADA implementation needs.

Cloud Computing (Typical Characteristics)
Cloud Computing Approach:
Cloud Computing is a business model solution. In this elastic model, you:
- Lease or rent the computers (PaaS/IaaS)
- Lease or rent the software (SaaS)
- Lease or rent the communications medium
Five (5) typical benefits of Cloud Solutions:
1. On-demand self-service
2. Ubiquitous network access
3. Location independent resource pooling
4. Rapid elasticity
5. Measured service with Pay-Per-Use

Cloud Computing (Reasons for Implementation)
Implementation Rationale:
- Capex to Opex
- Avoid the IT queue
- IT Capabilities - Extends abilities
- Business Focused - Not IT but Operations Driven
- Standardization - Infrastructure (Abstraction)
- Support - Free of SW/HW Installation (log in/go)
- Access - Ubiquitous (TCP/IP)
- Elastic - (Expand to meet demand)
- Service-Based - Get billed for what you use
- Speed - Deployment and access
- Cheap(er) - Superior Economics
- On Demand - No long term contracts
- Independent - Application & OS

Cloud Security vs. On-Premise Security
IT Information Security considerations are the same for On-Premise versus in the Cloud!
The solution must be considered as a risk-based model; in order of importance:
- Integrity: Keeping information unaltered unless authorized
- Availability: To have information available when requested, with no data loss
- Confidentiality: Keeping information confidential

Cloud Security is a SHARED Responsibility
From our experience, Cloud Providers secure their infrastructure at the highest levels based upon Industry Standards:
- ISO 27001 (Government IT Industry Standards; PHMSA & API recommend ISO 27001/2)
- FISMA (Moderate) (Government Classifications, Encryption Processes, etc.)
- PCI DSS (Financial Industry, Custody Transfer)
- SAS 70 Type II (Audit Security (SOX))
Hypervisor
(You) are responsible for securing the application layer & you OWN the access to servers & services:
- Use Private Cloud spaces, Encrypted Data Techniques (in-flight & at-rest), & two (2) Point Authentication (2FA)
Shared: Service Level Agreement (SLA)
- Shared structure, responsibility and consistency
- Can jointly implement: SOX, ISO 9000, ISO 27000

Cloud Security Organizations / Policies & Government
Driven: Critical Infrastructures Act of 2002
Organizations:
- Cloud Security Council (Alliance Congress): https://cloudsecurityalliance.org/research/spac/
- InfraGard (Shared Approach vs. Gov. one-way): http://www.infragard.net/
- Intelligence and National Security Alliance: http://insaonline.org/index.php?id=746
- Pipeline Cloud\Regulations\Cyber Security: http://www.fas.org/sgp/crs/homesec/r42660.pdf
In 2011, the Federal CIO of the United States required that ¼ ($20B) of all Federal IT spending go to Cloud implementation.

Risk Management Framework Executive Summary Steps
Typical Security Solution Implementation Steps:
OCTAVE (Baseline Solution Functional Requirements)
- Phase 1: Build Asset-Based Threat profiles
- Phase 2: Identify Infrastructure Vulnerabilities
- Phase 3: Develop Security strategies
NIST RMF (Security Solution Execution Details)
- Step 3: Implement Security Controls
- Step 4: Assess Security Controls
- Step 5: Authorize Security System
- Step 6: Monitor Security Controls
Note: NIST RMF steps 1 & 2 are omitted due to repetitive steps required within OCTAVE. OCTAVE phases provide a more systematic, context-driven and self-directed risk evaluation. NIST RMF steps are used for implementation and continued monitoring of the security system.

Cloud Solution Approach
What do you want to accomplish?
- Greenfield Operation: Start from the overall business goals down to the plant floor objectives.
- Existing Operation: Assess existing data, quality and integrity. Assess future data needs for business goals.
- Retrofit Operation: Cloud Solution is the toolset to allow accomplishment of business goals.
Willbros recently implemented a Virtualized SCADA Host (Control Center) which was Client based and Cloud-Based. Ten (10) execution steps were used.

Cloud Solution Steps & Order
Ten (10) Logical Steps to a Cloud Solution!
1. Existing Data Validation, Integrity and Quality
- Validate and verify the Integrity of your existing data.
- Solution success depends on solid data Quality and process understanding.
- Project FEED Documents will ensure structure & modularity in execution.
2. Communications Media & Architecture Status
- Document existing Network and Comms.
- Ensure understanding of data (source to host).
- Document and understand interdependencies.
- Understand SHARED security for complete data validation in the solution.

Cloud Solution Steps & Order
Ten (10) Logical Steps to a Cloud Solution!
3. Centralized SCADA (Host) & Advanced Apps
- Advanced Host Application Interfaces, Interdependencies & Requirements for validated & historical data must be determined & prioritized to understand minimal performance characteristics.
4. Reconfiguration Requirements
- Business goals, data characteristics / requirements, and desired solution configuration and performance are understood and documented.
- Implementation decisions can be finalized for operational platforms and 3rd-party suppliers.
- SLA agreements are finalized.

Case Study: Communications Architecture Example

Case Study: Oil Pipeline SCADA Notes
- Assisted Client in determining the overall system performance required.
- Coordination of Communications (Cellular 3G, VSAT) systems, Data Center and Cloud provider.
- Generated SCADA & LDS RFIs and response evaluation to ensure client's needs are met.
- Virtualized Cloud Solution evaluation results:
  - At existing sites, existing PLCs were adequate but required a Protocol Converter & Data Concentrator.
  - DNP3 Communication Protocol required for Store & Forward / Report-by-Exception (RBE).
  - Schneider Electric SCADAPack RTUs & ClearSCADA chosen for native DNP3 Protocols, integrated Historian & prior Cloud-based experience.
- 3G/VSAT Cellular provider issues: Critical Infrastructure Tier Levels and shared data modeling!
- NO DATA LOSS!!!!

Cloud Solution Steps & Order
Ten (10) Logical Steps to a Cloud Solution!
5. Pilot Testing for Performance Validation
- Verify that real world performance meets business performance goals.
- Crucial to Pilot Test Cloud-Based Solution performance from Source to Host.
- Communications performance can verify continuous data flow and high uptime rates.
6. Performance Validation = Revisited Goals
- Revisit Business Goals against real world pilot performance; adjust goals as necessary.
- Performance limitations will help further define design details and project expectations.
- Make decisions and/or compromises for solution against known risks and documented issues.

Cloud Solution Steps & Order
Ten (10) Logical Steps to a Cloud Solution!
7. Implement Structured & Modular Solution
- Detailed Engineering Design Documents are created and utilized.
- In-House Testing crucial prior to witnessed Factory Acceptance Test (FAT).
- Detailed Deployment Commissioning Plan essential.
8. Deployment / Commissioning & SAT
- Interdependencies must be determined and addressed upfront.
- All data must be physically verified, allowing proper Management of Change (MOC).
- A Performance Oriented Site Acceptance Test (SAT) validates Cloud Solution.

Cloud Solution Steps & Order
Ten (10) Logical Steps to a Cloud Solution!
9. Training & Responsibility Transfer
- To ensure acceptance, involve operators, technicians and managers in FEED design and all witness testing to ensure successful transfer of ownership and responsibility.
- All training based upon native engineering supporting documents on the project.
- This is very crucial to ensure success.
10. Manage / Maintain Cloud Solution
- Do not implement a solution & forget about it.
- Reduced lifecycle and significant costs to upgrade vs. incremental advancements.
- Manage Cloud Solution to realize full benefits.
- Successful Cloud Solution allows for improvements in system performance.

BONUS: MIS/MES Performance Enhancement / Process Improvement
- Real-Time information provides tools for business improvements.
- Cloud Solutions ensure data integrity & availability, while maintaining confidentiality.
- MIS/MES systems provide information when needed.
- Cloud technologies allow Continuous enhancement and improvement to Quality and Production.
- Meaningful KPIs can be generated & adhered to!
- Biggest issue with MIS/MES vendor providers is lack of real world process knowledge to generate meaningful business rules. Not all data is discrete.

Summary
- Cloud Solutions are not an IT or Legal decision. They are Business-Focused Opex.
- Cloud Solutions are inherently safe when looked at as a shared security responsibility from Data Source all the way through Hosted Applications.
- Understand the overall Business Goals upfront with a System-Wide Cloud Solution. Flexibility may be required due to physical limitations!
- The ten (10) suggested execution steps outlined herein can assist in goals that are defined, understood, realized and attainable with a Cloud-Based Solution.

Thank you
Google Cloud Presentation Link: https://docs.google.com/presentation/d/1h0vdpesqkcl57a5nyosgidternswd6awzbkhfc9z1ky/edit