1 / 12

Lemnos Interoperable Security Project Update: Advancements in Cybersecurity for Energy Systems

The Lemnos Interoperable Security Project, funded by DOE, aims to simplify interoperability for cybersecurity functions in energy delivery systems. Current challenges in device configurations are addressed through a common set of configuration parameters, leading to the development of Interoperable Configuration Profiles (ICPs). Collaboration with partners like EnerNex and Tennessee Valley Authority enhances ongoing lab and field testing, with upcoming milestones focused on secure messaging and access protocols like IPsec and SSH. Future work will rely on industry sponsorship and utility input for prioritization, ensuring the durability and effectiveness of the project's outcomes.

petronella
Télécharger la présentation

Lemnos Interoperable Security Project Update: Advancements in Cybersecurity for Energy Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lemnos Interoperable Security Project &Cybersec-Interop TF Status & Update 7/20/2011 Brian Smith & Slade Griffin EnerNex

  2. Lemnos Project Background • Funded by DOE under the Cybersecurity for Energy Delivery Systems (CEDS) Research and Development Program • Ultimate goal is to make interoperability of devices supporting cyber security functions less difficult to the end users • Often labor intensive and requiring extensive security expertise by the end user • Installed configurations often different for various vendor pairs • Lemnos emphasizes the development and use of a common set of configuration parameters

  3. Lemnos Process • Identifies various security functions needed within a Utility’s control system • Matches security functions to specific Internet Engineering Task Force (IETF) RFCs • Develops INTEROPERABLE CONFIGURATION PROFILES (ICP) for identified RFCs • Identifies specific requirements for RFC • Tests to validate the ICPs

  4. Lemnos Project Partners • EnerNex (Prime Contractor to DOE) • Sandia National Laboratories (FFRDC) • Directly funded by DOE • Tennessee Valley Authority (Utility/End User) • Schweitzer Engineering Laboratories • Sub contractor to EnerNex

  5. Participating Vendors • Participating Vendors To Date • Cisco • Encore Networks • GarrettCom • Industrial Defender • N-Dimension • Phoenix Contact • Ruggedcom • Siemens

  6. Current Lemnos Project Status • Security functions and protocols identified to date • Messaging (Syslog) • Centralized Authentication (LDAP) • Secure channel (IPsec) • Secure remote access (SSH) • Lab testing and field testing continues • DOE funding ending this year • Looking for potential industry sponsorship for future work • Looking for utility input to identify priorities

  7. Upcoming Lemnos Milestones • Testing at TVA • Ongoing (continuing on into Q3/Q4 2011) • Lab and field testing of commercial product by SEL • Lab Testing with Participating Vendors at EPRI Smart Grid Substation Lab in Knoxville, TN • June 2011 (COMPLETE) • IPsec and Syslog • August 2011 • IPsec, Syslog, SSH, LDAP

  8. EPRI Testing Architecture IPsec and Syslog

  9. EPRI Testing Architecture SSH

  10. Lemnos and CyberSec-Interop TF • Goal is to establish relationship between the Lemnos Project and SG Security/Cybersec-Interop TF similar to what has been done with ASAP-SG • Cybersec-Interop TF provides long term stewardship of the ICPs • Preserves the Lemnos work after project completion • ICPs will be provided to OpenSG as they are completed by the Lemnos Project Team • OpenSG will vet, adopt, and maintain the ICPs and make them available to industry • Develop new ICPs in the future

  11. Moving Forward • Challenges for Cybersec-Interop TF after handoff from Lemnos • Versioning of the ICPs • Moving forward, options in the IETF RFC’s will become deprecated to maintain alignment with NISTIR 7628 and other industry guidance • Difficult to maintain backwards compatibility • Interoperability may be at the ICP version level • Certification and Conformance • Additional details needed in ICPs?

  12. For more Information • Brian Smith, EnerNex (Lemnos Project Manager) • bsmith@enernex.com • Slade Griffin, EnerNex • slade@enernex.com • Dave Teumim, Teumim Technical (Cybersec-Interop TF Chair) • dave431@enter.net

More Related