NERC CIP Compliance - The Smart Grid

Securing Smart Grid Communication

One of the needs for a robust Smart Grid environment and for complying with NERC CIP and NIST requirements is to centralize control over authentication, authorization, and auditing of system maintenance users. Securing and managing remote maintenance access reduces overall system management costs, simplifies the operations team's processes, and eases the efforts to adhere to security requirements. Data Track's Secure Access solution reduces the cost of supporting managed devices in the substation, increases the security and accountability of remote maintenance, and offers a platform for new, value-added substation management services.

In this brave new world of Smart Grid implementations, having a single end-to-end transport like TCP/IP is essential to keeping operational costs low and network efficiency high. To deliver the necessary performance of all traffic types within the "best effort" model of TCP/IP requires deploying Quality of Service from the operations center to the substation and beyond. Data Track's VPQ is an automated QoS management application that gives operations teams the tools to meet real-time performance expectations from a TCP/IP network, and to mitigate the effects of bandwidth-eating network attacks like Denial of Service.

Since 1979, Data Track Technology has been developing secure voice and data communications management solutions for service providers and enterprises, including electric power utilities. Our team at Data Track can help you comply with the demands of Smart Grid cyber security.

Secure maintenance access, event notification, and network QoS
for SCADA, AMI, VoIP, and other substation TCP/IP traffic

Data Track's Solutions

Secure Remote Access

• Centralize authentication, authorization, and access with SAMS server application
• Deploy Tracker gateways with "serial server", routing, firewall, and VPN functions
• Make out-of-band connections with two factor authentication using AES
• Automate maintenance password management
• Generate audit logs and audit analysis reports

Secure Event Notification

• Send via Tracker "outbound-only" secure modems connected to RTUs in substations
• Receive via Tracker "inbound-only" secure modems at FEP in the operations center
• Authenticate out-of-band connections with a two factor method that uses AES
• Rely on Information Assurance Accreditation from the US Defense Information System Network (DISN)

Automated QoS Management

• Continuously model and analyze QoS to insure priority traffic handling
• Mitigate the potential effects of Denial of Service attacks
• Assess service level agreement (SLA) and regulatory compliance
• Monitor LAN and WAN QoS performance and utilization
• Manage TCP/IP router and LAN switch QoS configuration