Cisco Blogs


Cisco Blog > Energy - Oil & Gas and Utilities

Cisco helps Norway Utility Modernize Power Grid

August 22, 2014 at 5:41 pm PST

BKKYou may not have heard about BKK AS. They are actually the second largest power grid owner in Norway with over 180,000 customers. Like many power and energy companies, some of their equipment has been around a long time. It works, but it’s getting old and it’s time to move on to something more cost effective. That’s where Cisco comes in.

I remember starting out my career in IT years ago, when IBM was selling the ‘System370 range’ as it was called. You’ll remember that in those days “nobody ever got fired for buying IBM”. As a young sales person, I found the whole IT thing fascinating. I remember that in those days the customer communications were more measured. We had typing pools, we had face-to-face meetings, and the whole selling process took time. The business customers were upgrading their systems, and the newer kit had a great business case. Maintenance on the old installation was more, over several years, than the cost of new equipment. If you were to do nothing, your competitors would steal a march on you and you’d lose customers as your costs would begin to erode your business.

Well the same is true these days. In the Utility business there is a lot of older (though still reliable, in some cases) equipment. However, some of the older time-division multiplexing (TDM) networks are reaching the end of their useful lives. So it was with BKK AS. Maintenance was becoming onerous. But it’s not just about IT costs anymore. It’s about the missed opportunity of not doing anything. New grid applications are requiring any-to-any communications flows and also pushing for IT and operations technology (OT) convergence.

BKK Fiber AS CEOBKK, therefore, decided to build one reliable IP/Multiprotocol Label Switching (MPLS) network to ultimately securely connect all systems and grid devices. Like many commercial business customers, BKK operates a separate IP network that supports its commercial broadband services. Having had a positive experience using Cisco® technology for the commercial IP network, BKK chose Cisco for the new utility network as well. That’s IT/OT Convergence! Rick Geiger talks about it in his series of blogs stating with: Energy Networking Convergence Part 1 – The Journey From Serial to IP.

The new network needed to support a variety of grid applications, including very critical protection systems for the high-voltage grid. In addition, BKK is using teleprotection systems (both distance protection as well as current differential protection), which require the communications network to support extremely low latency (< 10 ms), deterministic behavior as well as very high availability. So the network needed to be deterministic -- a common need for process control networks.

“Cisco offered the hardware and software features, as well as the reliability, that we needed to put our packet-based utility network into production,” says Svein Kåre Grønås, managing director/CEO, BKK Fiber AS. “It’s also reassuring that Cisco understands where the utility industry is heading, and is committed to connected grid services.”

So what are the results? Well here’s something taken straight out of the newly published case study:

Moving to a next-generation, packet-based utility network will save BKK significant operational costs for the utility network due to the ability to use cost-effective, standardized IP networking gear and avoid maintaining two separate networks at substations.

“Building and operating a high–bandwidth, packet-based network has given us a lot more flexibility. In addition, we can leverage the same processes and skill sets that we use to operate our Cisco commercial broadband network,” says Grønås.

With the new IP-based utility network, BKK no longer needs to reserve bandwidth for TDM communications, and now has more bandwidth available because it can be dynamically allocated. As a result, BKK can now offer the same network resources at substations that are available at corporate office locations. Workers can securely access needed documentation and other network resources at substations and power plants, instead of printing documents beforehand or calling colleagues at the office to gather information as they did in the past.

“This represents a major improvement in workforce enablement, productivity, and maintenance efficiency,” says Grønås.

In addition, this sets up BKK for success for the future. The new IP backbone will alllow BKK to provide new IP-based services and new capabilities in managing the power grid, such as advanced metering infrastructure (AMI) and distribution automation. In the future, BKK can assign IP addresses to sensors and relays to develop smart grid technologies and provide greater visibility into its electrical
grid network.

“The utility industry is changing fast as smart grids become reality and more devices become part of the Internet of Things,” says Grønås. “With our Cisco-based IP utility network, we’re ready to reap the benefits of this new paradigm.”

You can read the whole case study which outlines the Cisco products and services here: Norway Utility Modernizes Power Grid.

Whilst I’m now proud to work at Cisco, some things never change -- the emphasis on solving business issues of enabling business opportunities are key -- it’s not just about cost savings. With Cisco heading towards being the leading IT company in the world, I’m sure we’ll see even more of this kind of customer success in the future.

Tags: , , , , , , ,

Internet of Things – The Technical Reality

August 8, 2014 at 7:28 am PST

 

Internet of Every(thing)s -- Confusing for sure.

 

TWTV 153 IoT Reality

IoT. IoE. Same thing some say. Only different.

Too much for any one show really, but we did our best.

Internet of Things (IoT) is difficult to define as it represents multiple protocols and so many different ideas. We will all continue to learn more as the years pass because this so much more than a single idea, a company or term that can be quantified. The opportunity is absolutely astounding however and as we push these limits we will keep setting new boundaries.

This is a long blog bit here below. If you want to just jump to the good stuff…watch the show! Episode 153 The Internet of Things Reality Show

Otherwise, keep reading. You will be rewarded at the end.

New is not that New.

Bill Joy proposed this idea back in 1999 at the World Economic Forum at Davos as part of his “Six Webs” Design Theory. In 2009, Kevin Ashton recounts his own experience with the term in this this RFID Journal article; “ Today computers and, therefore, the Internet are almost wholly dependent on human beings for information. Nearly all of the roughly 50 petabytes of data available on the Internet were first captured and created by human beings by typing, pressing a record button, taking a digital picture or scanning a bar code. Conventional diagrams of the Internet … leave out the most numerous and important routers of all -- people. The problem is, people have limited time, attention and accuracy—all of which means they are not very good at capturing data about things in the real world. And that’s a big deal…”

There are very real and substantive things being done with IoT

Our goal for this show was to expose you to the reality and give you a few examples.

Yes the numbers are big. The opportunity is even bigger.

TWTV 153 IoT Reality

What it is. What it is not.

IoT: The intelligent connectivity of physical devices driving massive gains in efficiency, business growth and quality of life

Now contrast with IoE which includes IoT but is much bigger, more encompassing and much more prone to confusion and overstatement.

IoE is the networked connection of people, process, data and things. It brings together people, processes, data, and things to make networked connections more relevant and valuable by turning information into actions creating new capabilities, richer experiences, and unprecedented economic opportunity for businesses, individuals, and countries.

IoT is the “Things” portion. To be clear, by “things” we’re really talking about the network of sensors, meters, motors, actuators, objects, but not concentrating on the devices, themselves.

At some point between 2008 and 2009, there was a tipping point where the number of connected devices began outnumbering the planet’s human population.

All of these physical objects began connecting to IP networks imposing new and novel requirements on existing networking models.

IoT presents a problem that IT can’t solve on its own. It needs cooperation between the professionals in the information AND operational technology spaces.

Since IoT is taking the network outside the carpeted office and into new places in the network such as the plant and the field, it requires cooperation and support from professionals in the information technology and operational technology (OT) sides of the house.

OT is Operational Technology. These are the folks that provide non-IT technology solutions for the manufacturing floor, the refinery, the oil rig, the powerlines, railyards and the like. They are also the group that deals with the business and regulatory challenges outside of our relatively “clean” IT world.

This is part of what makes IoT a uniquely interesting challenge. A successful strategy here requires both groups working together to design, deploy and operate what has become a new, very essential infrastructure.

TWTV 153 IoT Reality

Value & challenge in the connectivity

IoT derives its value not from the numerous sensors, devices or even smart objects themselves. These things are rich in data but very poor on information.

Go on.

While the data each of these individual items produces is of little value, IoT enables it to be processed and correlated with other inputs to produce relevant information that can then be used in real-time as actionable knowledge by IoT-enabled applications.

In the longer term, it can be used to a gain deeper understanding for the purpose of developing proactive policies, processes, responses, and plans.

IoT also adds additional complexity to the network of course.

But that’s not the only thing that makes it unique. We should consider Location, Form, Value in the Aggregate and Connectivity.

  • LOCATION: IoT lives “outside”. Outside of what we traditionally call ‘carpeted space.’ IoT is going to receive information right from the source. This requires dramatically different network elements. Smaller, more self-contained switches and routers for the fields, plants, or other operational environments. These are naturally challenging environments that include harsh weather, significant amounts of vibration, dust, and anything else you can imagine. These devices must be rugged. Built to function under the most adverse conditions.
  • FORM: These are Objects or Things, not computing devices -- It’s important to note that these objects are networked together, yet they’re independent of your network – you don’t own them; oftentimes can’t see them; and you don’t control them in any way, shape, or form. Yet they’re sending petabytes of data through your network – data that’s required by the applications to function properly.
  • VALUE IN THE AGGREGATE -- Unlike today’s monolithic applications, where the main value is delivered locally from the application’s code, IoT applications derive most of their value from the intelligence that results from the sum of all these parts. The individual data point within IoT is simulatanously important and worthless. The network is not just required -- it just is. The application is merely the method employed to access that intelligence.
  • CONNECTIVITY- M2M -- The network, and its design, has NOTHING to do with communication or data in that traditional sense. In fact, it is not about connecting people in any way whatsoever. The IoT network is built to deliver automation, visibility and control between the devices and processes that must interact to create value.

Security Challenges

As usual, history provides an important context for understanding the unique risk. IoT may be a new and exciting term, but the idea of connecting many operational devices or sensors has been around a long time. This notion has been important for advances in many factory or automation areas for years.

The biggest change right now is that these formerly closed networks have suddenly been connected, often with little forethought, to what it is then connected to. (Its like approving of a friend for my pre-teen son to hang out with and forgetting he has a ‘fun’ older sister).

We are now connecting things now that were designed at a time when ‘internet’ connectivity was not even imaginable.

Billions of new devices, located in more places throughout the world – many of which are insecure locations – are sending sensitive data through the network … however, these devices reside outside the secure embrace of the existing network. You don’t own them; oftentimes can’t see them; and you don’t control them in any way, shape, or form. Yet they’re sending petabytes of data – data that’s required by the applications to function properly. And who chases a problem when things seem to be working correctly?

IoT doesn’t replace your existing network. It simultanously supplements and relies on it.

TWTV 153 IoT Reality

History of the Factory Floor

Automation started in the 60s when the first digital computers and controllers began to make their way in to manufacturing and processing environments. Many of the existing pneumatically-controlled systems were replaced with digital transmissions using proprietary networks.

With the advent of the microprocessor in the 1970s, Programmable Logic Controllers (PLC) and distributed control systems (DCS) started gaining widespread popularity as many businesses turned to hierarchical forms of control.

Fast forward 10 more years and local area networks began connecting computers with industrial automation systems. During the last years of last century, as ethernet began to emerge as the protocol of choice for IP networking, a specific form of ‘industrial’ ethernet was developed to address the unique requirements for network communication in this area.

Ease-of-interoperability between equipment became part of the automation process. Standardization in the protocol helped to covercome the proprietary data roadblocks and enabled more resilient and efficient automation networks, secure, increased visibility, manageability and uptime.

The commonality between what is essentially two sides of the same protocol has set us up for a convergence between systems.

Learn more about Connected Factory

TWTV 153 IoT Reality

What makes a Switch ‘Industrial’?

Ethernet is certainly a standardized protocol, but there is a big difference between ‘commercial’ and ‘industrial’ switches.

Industrial switches are designed for a broad range of tough conditions -- inside and out.

Unique design considerations on the inside may emphasize deterministic delivery of transmitted data to increase timing accuracy critical for the many control systems dependent on that data flow. Think about it, the economic cost of interruption in this environment is much higher than commercial installations.

On the outside, these ‘tough’ conditions would include temperature extremes, high vibration or severe electrical noise.

You can’t use fans to cool an industrial switch -- dust would choke it…fans often fail too easily. But that heat must still be accounted for

The main application of these networking devices is to provide intelligent connectivity to the “things”, and the things are often located in s0me very harsh environments.

Read more: Cisco Industrial Ethernet 3000 Series Switches

TWTV 153 IoT Reality

From Factory to Utilities

Moving beyond the factory floor, devices – each with embedded sensors, actuators, communication, and computing elements – can create a smart environment with a wide range of applications in healthcare, public safety, transportation, utilities, and the home.

For many years, utility companies had no real visibility to their systems. People had to call to report trouble. Equipment problems were not discovered until they failed and created outages. This all meant that life for those impacted stopped as the utility scrambled to restore service. All without accurate information, at a large expense and with great criticism from customers, elected officials, regulators, media and more.

Today, utilities are being pushed to redesign their operations. They must keep pace with increasing demand, regulatory requirements, aging infrastructure, customer side generation (like solar on the roof) that they are required to purchase and integrate into their system. Although utilities have a reputation for moving very slow and being risk averse, many are embracing these changes energetically.

Learn more about IoT and Utilities

Carol Barret FOG and IoX

FOG Computing

FOG Computing is based on a model in which data, processing and applications are concentrated in devices at the network edge rather than existing almost entirely in the cloud.

That concentration means that data can be processed locally in smart devices rather than being sent to the cloud for processing.

This is critical for IoT since the number of network connected devices is almost limitless. These devices can often produce huge amounts of data.

It’s often a waste of time and bandwidth to ship all the data from these IoT devices into a centralized, cloud model and then transmit the cloud’s responses back out to the edge. This work should take place in the routers themselves.

Cisco IOx enables fog computing through the combination of Linux and Cisco IOS on a single, networked device.

IOx allows data collection to move closer to the source, sensors and systems of origin. It reduces the cost of data collection by eliminating a separate server to run the interface or application and supports demanding utility and industry environments requiring hardened devices.

TWTV 153 IoT Reality

Connected Rail

Some may think trains are just steel wheels on steel rails. But it is so much more.

Depending on where you live -- you may not think much about this, but its big and getting bigger. Its always looking to be more efficient as well.

Trains deal with moving people and stuff. They can already do it more efficiently than any other form of transportation

Railroads are four times more fuel efficient than trucks. They can move one ton of goods about 500 miles on a single gallon of fuel.

They are on average 20 times more efficient than the automobile for transportation of passengers…assuming they are filled to capacity.

In fact, efficiency goes way down when they run with anything less.

Technology innovation is therefore critical for an industry that owns, maintains, and upgrades its own infrastructure to the tune of $20 billion a year. Inefficiencies result in higher operating costs. Improving the operating ratio by just 1 percent can result in a saving upwards of $800 million.

The challenge, as it always is…the complexity, scale, volume, velocity, safety, security, and regulations.

Success in the rail industry is closely linked with its logistics prowess.

They schedule crews, locomotives, freight cars, tracks and terminals….but once these get rolling….the slightest snag in the system -- bad weather, breakdowns, unscheduled maintenance, you name it—will unravel even the best-laid plans.

What an ideal situation in which to apply the Internet of Things.

Thousands of data points that don’t mean much on their own…but when combined…when networked…they can work together to dramatically improve on every since challenge this industry faces.

Cisco is helping to transform almost every aspect of the rail industry

Transforming the riding experience with on-board Wi-Fi, video, and mobile applications that deliver entertainment, advertising, and scheduling information. Train stations are getting an overhaul too with new services like “wayfinding” touch-screen kiosks to help travelers plan trips, check schedules and take advantage of special offers.

All of this is driving increased ridership which as we know, is key to wringing the efficiency, the value, out of rail transportation.

Cisco Connected Trackside replaces old proprietary SCADA networks with converged IP networks. Connected sensors facilitate asset management, controls, surveillance and other services.

This network reduces complexity, lowers costs, and improves safety.

Rail safety is of course a really big deal and for the U.S. At least, its tied to a Federal Mandate.

The innovation is in PTC, which stands for Positive Train Control.

A system for sending real time information to crew members, and the train itself, about areas where the train needs to be slowed or stopped.

The status of approaching signals. Position of approaching switches, speed limits at approaching curves, and other reduced-speed locations, crossings or where work is being done.

PTC communicates with the train’s onboard computer to warn the engineer and display the safe braking distance based on speed, length, width, weight, and the grade and curvature of the track. If the engineer does not respond to the ample audible warning and screen display, the onboard computer will activate the brakes and safely stop the train.

This requires the communication and coordination from a lot of different places. Cisco partnered with Lilee Systems to provide a state-of-the art PTC System.

This system includes

  • The 819 Integrated Services Router with 3G and LTE for mobile WAN access as well as onboard Wi-Fi, live video streaming and other services
  • Industrial ethernet switches that can send power to..
  • Ruggedized High-Def IP based video cameras
  • Wireless Access Points

Learn more:

SIDE NOTE: Railway Signaling is a system used to control railway traffic safely to prevent trains from colliding. Being guided by fixed rails with low friction, trains are uniquely susceptible to collision since they frequently operate at speeds that do not enable them to stop quickly or within the driver’s sighting distance. Most forms of train control involve movement authority being passed from those responsible for each section of a rail network to the train crew. Not all methods require the use of signals, and some systems are specific to single track railways.

The signaling process is traditionally carried out in a signal box, a small building that houses the lever frame required for the signalman to operate switches and signal equipment. These are placed at various intervals along the route of a railway, controlling specified sections of track. More recent technological developments have made such operational doctrine superfluous, with the centralization of signaling operations to regional control rooms. This has been facilitated by the increased use of computers, allowing vast sections of track to be monitored from a single location. The common method of block signaling divides the track into zones guarded by combinations of block signals, operating rules, and automatic-control devices so that only one train may be in a block at any time.
Even more reading…

Thank You.

If you have read this far….I should send you a TechWiseTV T-Shirt… ? Hello, McFly?

I may have enjoyed the research on this show more than any other in recent memory. Did you watch the show yet? Do it now:
Episode 153 The Internet of Things Reality Show

Special thanks to: Roberto De La Mora, Kathy Tebben, Marty Collins, Jeff Aboud, Barry Einsig, Marty Collins, Jenny Gomez, Carol Barret, Yuta Endo and Carol Barret.

Your Friend,

Robb

@robbboyd


Tags: , , , , , , , , , , ,

Western Power Distribution creating the Blueprint for Grid Modernization with Cisco

July 27, 2014 at 6:04 pm PST

I’ve been to the UK twice this year. The traffic is terrible! Worse than I ever remember! Commentators that’s a good sign -- a sign of economic prosperity. That certainly seems to be the case in the UK. My last European-related blog -- Ferguson Group Ltd keeps an Eye on Operations with Cisco Physical Security -- talked about the Oil industry and how the UK’s fortunes were turned around by the North Sea Oil discovery at about the same time the US astronauts were landing on the moon.

This time it’s the Utility Industry -- electric power to be exact -- that’s causing a stir.

Creating the Telecommunication Blueprint for Grid Modernization, Weston Power Distribution had already chosen Cisco for a Low Carbon Study, building a pilot communications infrastructure to support 11kV grid reinforcement monitoring. The Flexible Approaches to Low Carbon Networks (FALCON) initiative, a government funded study project in the UK has the goal of improving the  industry’s understanding of infrastructure needs in a low carbon future.

U.K. utility regulator Ofgem has estimated that £32 billion of new grid investment will be required within the next 10 years, twice the rate of investment over the previous two decades. Western Power Distribution (WPD) undertook a study to see how the cost of reinforcing its 11kV grid can be reduced based on smarter investment that draws on innovative intervention techniques that can replace or supplement conventional methods.
The UK wants to reduce carbon emissions by 80%, while still handling the peaks and troughs of increasing demand. “Reliable and secure near real-time communications is a key element to the FALCON initiative”, as Andrew Longyear, a Cisco thought leader on the subject commented. “The telecommunications and data management within our project such as FALCON is the SMART in Smart-grid, added Roger Hey, Future Networks Manager, Western Power Distribution.
.
The key objectives of the Cisco communications network solution for WPD included:
  • Designing and deploying an IP-based communications infra structure using IEEE 802.16e WiGRID access and backhaul technologies
  • Helping ensure adherence to WPD’s security policy for design and implementation
  • Learning and disseminating all information and findings related to the technologies deployed so far.
  • Creating a blueprint for WPD and for other utilities in the United Kingdom as they test the same intervention techniques

And the intended benefits? Here’s what Sanna Atherton, Innovation and Low-Carbon Networks Engineer, Western Power, said in the video: “The benefits of Project FALCON are to increase the capacity of the network within the Milton Keynes area, and to enable customers to connect to low-carbon technologies”

Watch the video above to see how the initiative is progressing and to hear about the business outcomes achieved and expected. Read the write-up (Western Power Distribution Chooses Cisco for Low Carbon Study) that gives some more background to the project and some technical insight as to how you might benefit from this approach. As always, I’m indebted to the folks in Cisco and the customer for the source material. A big ‘Thank you’!

Tags: , , , , , ,

BC Hydro, Cisco and Itron – a Powerhouse in Canada

June 24, 2014 at 9:23 am PST

With just under two million customers, BC Hydro is deploying the first standards based multi-services in production FAN network with IPv6 802.15.4/RPL mesh to manage the Automated Metering Infrastructure(AMI), Distribution Automation(DA) and other advanced gird applications.

The design is based on Cisco’s Connected Grid Solution utilizing Cisco’s Field Area Router (CGR) and standards based Smart Meter Field Area Network (FAN) technologies and Itron OpenWay® CENTRON® smart meter as well as Itron’s meter data management, collection engine and reporting software.

BC Hydro is fast moving to build an IPv6 network able of supporting 2 Million routable IPV6 addresses in a secure, resilient, and manageable way.

British Columbia for BC Hydro BlogBC Hydro has 41 Dam sites, 30 Hydro facilities and 9 Thermal units and, from a transmission perspective,  has 18,000 km of Transmission lines 260 substations, and 22,000 steel towers!

On top of that, BC Hydro has 56,000 km of Distribution lines  Approx. 900K poles, over 300K of transformers that serve 17 Non-integrated areas.

The area covered by BC Hydro is equal to the area of California, Oregon and Washington state combined. Impressed/? You will be…

OK, enough of the numbers. So what about the business? Well, the idea is to do three things, according to Fiona Taylor, director of BC Hydro’s smart metering program, said in prepared remarks to a reporter at Smart Grid Today:

“Benefits of the IPv6 network include streamlined operations, improved system visibility and revenue recovery,”

By way of history, under a mandate from the British Columbia government to implement AMI, BC Hydro awarded Itron and Cisco a $270 million contract for smart meters and networking, Gary Murphy, chief project officer for smart metering at BC Hydro, told Smart Grid Today in 2011 (SGT, 2011-Aug-10).

HAK22620 - for web

That brings us  to a key part of the customer solution. Itron. Itron is a partner of Cisco, and together we have developed some of the most innovative metering solutions for energy customers.

Also, Itron and Cisco are helping to break down silos in the Energy industry infrastructure. There is real added-value in adopting a standards-based approach to smart metering and smart grid. You can read about it in the white paper here.
Itron’s partnership with Cisco goes back a way, and you can see how it manifests itself in the whitepaper, and the background is well covered in the historic  press announcement (click on the link to view).

A couple of the objectives of the partnership deliver direct value to our customers:

  • Deliver true multi-service, multi-application (applications from metering to grid to workforce) capabilities over a common network infrastructure with standardized and robust security that any utility can implement.
  • Optimize the total cost of ownership of these networks by spreading the cost over a greater number of grid applications and devices.

The way forward is clear. And foggy. That’s because Cisco is delivering its vision of Fog Computing to accelerate value from billions of connected devices -- meters included! More about that next time when I talk about how Cisco IOx enables applications to run directly at the network edge to overcome rising operational costs and spark new innovations in the Internet of Things.

Until next time -- keep the power on!

 

 

Tags: , , , ,

Energy Networking Convergence Part 2: Cyber & Physical Security

This is the second of a four part series on the convergence of IT and OT (Operational Technologies) by Rick Geiger

Physical Security has evolved from serial communication to modern systems that are largely, if not completely, IP networked systems.  The unique requirements of physical security have often lead to shadow IT departments within the physical security department with networks and servers procured and operated by the physical security department with little or no involvement from IT.

Intersections with IT and the corporate network began with the interconnection of physical security systems and the placement of physical security appliances on the corporate network to avoid the cost of wiring that would duplicate existing networks.  At one time IT may have been persuaded that these “physical security appliances” didn’t need to be managed by IT.  But that persuasion was shattered by malware infections that revealed far too many “physical security appliances” to be repackaged PCs with specialized interface cards.

HAK22620 - for webIT departments scrambled to locate and remove these vulnerable devices and either outright banned them from the corporate network or insisted that they be managed by IT.  A hard lesson was learned that just as the organization, including IT, required physical security, video surveillance and badge access control, the physical security department needed the cyber security expertise of IT to protect the communication and information integrity of networked physical security systems.

Convergence is sometimes regarded as the use of physical location as a criteria for network access.  Restricting certain network access to a particular location and/or noting any discrepancies between the location source of a login attempt and the physical location reported by the badge access system.  For example, the network won’t accept a login from Asia when that user badged into a building in Philadelphia.

The need and opportunity for Cyber and Physical security convergence is much broader than network access.  Physical Security systems need Cyber Security protection just as Cyber Systems need Physical Security protection.

What are, at a very high level, the primary activities of Physical Security on a day to day basis?

  • Protect the perimeter
  • Detect breaches
  • Situational awareness
  • Standard operating procedures define for anticipated events
  • Forensic to gather, preserve and analyze evidence & information

Physical security personnel often have a law enforcement or military background, and approach these activities from that point of view.

HAK22891-webOver time, the technology of physical security has evolved from walls, guns and guards to sophisticated microprocessor based sensors, IP video cameras with analytics, and network storage of video & audio.  Although there are many examples of close collaboration between IT and Physical Security, there may also be tension.  Physical Security departments defend their turf from what they perceive as the encroachment of IT by claiming that they are fundamentally different.

A quick look at the Physical Security systems quickly reveals something that looks very familiar to IT. Networked devices, servers, identity management systems, etc. are all familiar to IT.

At a very high level, the primary activities of Cyber Security can be grouped into a set of activities that are very similar to Physical Security.  The common process that both need to follow is a regular review of Risk Assessment:

  • What are the possible threats
  • What is the probability of occurrence of each threat
  • What are the consequences of such occurrence
  • What are cost effective mitigations — as well as mitigations required by compliance

The Risk Assessment process is an integral part of NERC-CIP V5, which requires a review at least every 15 months of “…cyber security policies that collectively address…” CIP-004 through CIP -011.  Implementation is required to be done “..in a manner that identifies, assesses, and corrects deficiencies…

Many of the activities Cyber and Physical Security overlap and need to align:

  • The use of IT Technology in Physical Security systems
  • Overlapping Identity Management
  • Device Identity management
  • Requirement for IT process maturity
  • IT security required for Physical Security systems
  • Physical Security required for IT Systems
  • Consistent future strategy & direction

The bottom line is that the activities of Physical and Cyber security have many parallels with opportunities to learn from each other and collaborate in threat assessment and risk assessment strategies and coordinated implementation and operation.  NERC-CIP V5 has mandatory requirements for both Physical and Cyber security.  Modern security, both Physical and Cyber, need to move beyond reacting to events that have already occurred, to agility and anticipation.

What does this mean for Cisco?

Cisco has a portfolio of leading edge Cyber and Physical Security solutions.  Cisco’s Advanced Services offerings help our customers develop and deploy a collaborative, unified approach to Physical and Cyber security.  NERC-CIP V5 is a compelling event for the electric utility industry.  The transition period is underway with completion required by April 2016.  Are you up to date on Cisco’s solutions and capabilities? We are here to help!

Tags: , , , ,