Trend Watch: Cyber Security Dashboards for NERC CIP Compliance

May 8, 2013
Southern Company’s approach to NERC CIP compliance holds lessons for the manufacturing and processing industries as cybersecurity becomes a business imperative.

I recently wrote about a new trend I encountered at the PAS Technology Conference in Houston that involved the training operators at BASF’s Freeport, Texas, plant to create the HMI screens they use. In that article, I referred to another item of potential interest to industry that involved an interesting approach to cybersecurity compliance.

At the PAS conference, Southern Company—a southeastern U.S. regional energy company with 4.4 million customers and nearly 46,000 megawatts of generating capacity—delivered two presentations involving their compliance with the NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) program.

For Southern Company, cybersecurity is not optional. They are required to address NERC cybersecurity standards, which, according to Southern Company’s systems analyst Larry Spoonemore, includes: maintaining an inventory of all assets and cyber devices/systems at the company’s 290 plants; having a well-defined and followed management of change process; and providing reporting/notification of NERC cyber security compliance.

Spoonemore said that Southern Company uses PAS’s Integrity for automation system mapping and data collection, which is used to as the “basic building block to track our inventory required for cyber security assurance because it (Integrity) sits on top of our disparate systems to track change and provide reporting.”

Southern Company has dubbed its cybersecurity data collection system CSI, which stands for Control System Integrity. Though “CSI” is essentially a simple moniker for the system incorporating use of the PAS product name, the fact that it matches the name of a popular police investigation TV drama is intentional. Through its design, CSI watches everything connected to the Southern Company’s system to ensure compliance.

Having such a system in place is becoming critical for manufacturers of all sizes in light of some of the data Southern Company shared at the conference. They note that one-third of all malware in existence today appeared since the beginning of 2013. And in terms of direct impacts on operations, Southern Company experiences some one million attempts to breach its firewall each day.

The CSI data engine collects 2 terabytes of data each week from all of Southern Company’s plants, which is then fed into Integrity for data mining, Spoonemore said.

FERC (Federal Energy Regulatory Commission) wants to know where you're at in terms of security across all your disparate systems,” said Harvey Ivey, manager of instrumentation and control systems and field support for Southern Company. “So we collect everything because we never know what the rules will eventually require.”

Having all this data collected and monitored is enabling Southern Company to provide a cybersecurity dashboard to its plant managers “so they can know at all times where they stand with regard to NERC compliance,” said Ivey.

Ivey adds that the NERC CIP cybersecurity requirements “drove us to closely monitor management of change. In the process of doing this, we've learned that management of change is simply a good business practice.”

Speaking to the importance of management of change, Spoonemore said, “Cyber security is not a computer problem, it’s a people problem, particularly as it applies to management of change.”

Of course, not every manufacturing or processing company faces the cyber threats that Southern Company does as part of the country’s critical infrastructure. However, cybersecurity is clearly an imperative for all companies and the insight learned from the Southern Company’s NERC CIP compliance strategies offers valuable lessons for us all. The idea of a cybersecurity dashboard—which could only be created with a tool like the Southern Company’s CSI system—is a compelling idea to consider.

Other recent coverage of cybersecurity in Automation World:

About the Author

David Greenfield, editor in chief | Editor in Chief

David Greenfield joined Automation World in June 2011. Bringing a wealth of industry knowledge and media experience to his position, David’s contributions can be found in AW’s print and online editions and custom projects. Earlier in his career, David was Editorial Director of Design News at UBM Electronics, and prior to joining UBM, he was Editorial Director of Control Engineering at Reed Business Information, where he also worked on Manufacturing Business Technology as Publisher. 

Companies in this Article

Sponsored Recommendations

Why Go Beyond Traditional HMI/SCADA

Traditional HMI/SCADAs are being reinvented with today's growing dependence on mobile technology. Discover how AVEVA is implementing this software into your everyday devices to...

4 Reasons to move to a subscription model for your HMI/SCADA

Software-as-a-service (SaaS) gives you the technical and financial ability to respond to the changing market and provides efficient control across your entire enterprise—not just...

Is your HMI stuck in the stone age?

What happens when you adopt modern HMI solutions? Learn more about the future of operations control with these six modern HMI must-haves to help you turbocharge operator efficiency...