Historically, Information Assurance (IA) has not been the focus of Utility Monitoring and Control Systems (UMCS) procurement or implementation within the DoD. As a result, the data communication between Field Control Systems (FCS) and between FCS and the UMCS front-end computers/workstations on individual DoD installation networks is a huge challenge. This has resulted in the procurement of multiple “stand-alone” systems, the installation of dedicated networks, or the use of unapproved and unaccredited alternatives such as commercial networks, each of which increases the logistical burden and costs associated with maintaining a separate network.
The objective of the proposed solution is to leverage a highly configurable, model-based broker development technology to create a controlled information boundary that increases energy system cybersecurity on military installations. A model-based broker will be configured using the Global Information Network Architecture (GINA). The goal is to implement an “intelligent” boundary which will apply to traffic that bridges between the UMCS and the network. This project will demonstrate a cost-effective and cyber-secure platform enclave solution which will enable operation of UMCS over the military network. The demonstration will occur at the United States Army Corps of Engineers Engineer Research Development Center Construction Engineering Research Laboratory (USACE ERDC-CERL).
GINA is a relatively new interoperability model framework for multi-criteria decision-making, Multi-Criteria Decision Analysis (MCDA), and subsequent system behavior, in any information domain. The framework uses Vector Relational Data Modeling (VRDM), a significant improvement to traditional software design, to implement mission-specific executable information models using configured, model-based brokers connecting participating systems and sensors into a network-resident, executable System-of-Systems. Behavior Based Information Models – Facilities Management (BBIM-FM) that are specifically targeted towards UMCS operations will be developed within the architecture.
A successful demonstration will result in an authorized solution to enable operation of UMCSs on military networks, with cost savings attributed to the use of GINA as a platform enclave solution. Since GINA enables data-agnostic system component usage, it is extremely beneficial for a platform enclave solution. In other words, the system can be configured to broker between any ICS and the military network, irrespective of the type of data traffic. This means the BBIM-FM models can be configured to work with various UMCS and software, as will be demonstrated by implementation at a DoD location. In addition to obtaining Risk Management Framework (RMF) accreditation for the UMCS, a baseline and post-retrofit “blue-team” cybersecurity assessment will be conducted.
DoD benefits of this technology include reduced costs associated with UMCS approval at each installation, increased utilization of UMCS capabilities, and reduced operational and maintenance burden associated with maintaining separate networks. By demonstrating and obtaining RMF accreditation as a platform enclave solution, requirements for individual site RMF accreditation will be significantly reduced, enabling implementation of UMCSs on military production networks. Based on initial assumptions, the National Institute of Standards and Technology (NIST) Building Life Cycle Cost (BLCC) tool was used to calculate a simple payback of 3.75 years and 10-year, 15-year and 20-year savings-to-investment ratios (SIR) of 2.42, 2.99 and 3.48, respectively.