Book title: Cybersecurity Essentials - Charles J. Brooks
Chapter 1 - Infrastructure security in the Real world

From the information provided in the first scenario, consider the National Institute of Standards and Technology (NIST) functions detailed in this section and observe how they relate to each category.

1. How to know if someone or something was attempting to access, disable, degrade, or destroy one or more of the devices and/or systems in the substation?

2. How to detect anomalies and events that might impact the operation of the substation (NIST DE.CM-2, 8)?

(Refer to screenshot for reference)

Transcribed Image Text:

Security Challenges The NIST Cybersecurity Framework was developed by the U.S. National Institute of Standards and Technology (NIST) to provide a set of independent guidelines that organizations can use to implement or upgrade their cybersecurity programs. Because the framework is a product-independent tool, it provides guidelines that any organization can tailor to meet its own cybersecurity needs. The frameworks are divided into five functions (Identify, Protect, Detect, Respond, and Recover) that provide a top- level description of the cybersecurity development process. Each function is then divided into applicable categories that underpin the stated function. Each category is further divided into subcategories and implementation methodology. Finally, the subcategories are supported by lists of reference documents that contain the nuts and bolt of building the cybersecurity program. This chapter will kickstart your thought processes for what you are about to learn in Part I. It contains two specific cybersecurity scenarios to which you will be asked to apply the NIST Framework in order to produce a cybersecurity solution that meets the desired objectives. In each case, you will be provided with specific subcategories to research, along with some guidance to help you produce your solutions. In this first pass through the scenarios, you are expected to generate and record general observations about securing the infrastructure described, as you have not yet been introduced to the supporting material. As mentioned earlier, this is activity is designed to get your cybersecurity thought processes started. In Chapter 5, you will return to these scenarios and use what you have learned in Chapters 2, 3, and 4 to revise your initial assessments. You will also compare your observations to those of professional security specialists who have provided their observations and solutions for these scenarios. Infrastructure Security Scenario 1 You are in charge of planning and implementing a security system for a new electrical substation that will be built next to a new housing development. The substation is equipped with high-voltage electrical switching gear for the surrounding community. It is not manned on a full-time basis but does have a control building that houses instrumentation and communication equipment, as shown in Figure 1.1.

Transcribed Image Text:

COMMUNICATION 345KV SHUNT & CONTROL EQUIPMENT INSIDE REACTOR 345/115KV TRANSFORMERS DOOR CONTROL BUILDING CONCRETE WALL GATE 14 FT DOOR LFIRE WALL 40 FT CHAIN LINK FENCE GATE FIGURE 1.1 The Electrical Substation The high-voltage switch gear accepts electrical power from different sources, which it then conditions and routes to the community users as needed. The energy arrives on a set of different high-voltage supply lines and leaves the facility via different sets of distribution lines. The monitoring devices and control systems in the substation communicate with different parts of the utility's transmission and distribution system to route electrical power where and when it is needed. These communication channels include wireless radio signals, signals transmitted across the power lines, and traditional network communications media.