Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF MARCH 19, 2011 FBO #3402
MODIFICATION

61 -- System to Provide NERC CIP Compliant Access to Substation Data

Notice Date
3/17/2011
 
Notice Type
Modification/Amendment
 
NAICS
221121 — Electric Bulk Power Transmission and Control
 
Contracting Office
Department of Energy, Federal Locations, Western Area Power Administration, Lakewood, Colorado, United States
 
ZIP Code
00000
 
Solicitation Number
DE-RFI-WN04125
 
Archive Date
4/30/2011
 
Point of Contact
Eric M. Samuels, Phone: 9163534537
 
E-Mail Address
samuels@wapa.gov
(samuels@wapa.gov)
 
Small Business Set-Aside
N/A
 
Description
Western Area Power Administration (WAPA), Sierra Nevada Region (SNR) is interested in obtaining information from potential suppliers regarding systems that are designed to facilitate its compliance with current and future NERC Cyber Infrastructure Protection (CIP) Standards, while securely maintaining access to substation data for its maintenance engineers. The following sections list some of the areas of consideration that the Region is considering for possible implementation. Limited, Secure, Logical Access with CIP Compliance Capability. Provide information regarding system design that allows a single point of access at the substation that is designed to be secure and meet CIP Compliance. Describe the extent and method by which the system can be expanded to serve many serial and network devices in the substation while maintaining a single point of access. Describe what CIP requirements are met with your implementation, and how your implementation meets those requirements. Features designed to meet CIP Compliance by taking advantage of existing security infrastructure. Western desires to take advantage of existing workflows and processes for its other systems to meet CIPS compliance for its Substation data. What features does your product provide that allows for centralized management of access that is synchronized to the existing corporate infrastructure (eg. LDAP, Active Directory)? What features facilitate the management associated with authorizing and tracking access to all resources in the system? Describe features of your product that have been implemented to meet the CIP stringent requirements for password change management at the IED level. Please describe features that provide for access control and rights for different levels of users at the IED level. Where and how are these features implemented in your system? Management of IED Configurations. Please provide detailed information regarding features implemented to manage IED configurations. Of particular interest are features that support IED configuration version control, change tracking, detection of actual configuration changes (whether authorized or not), and reporting on configuration changes. Please describe comparison and reporting tools that facilitate the ability for a user to quickly determine and report on detailed changes that have taken place in the configuration of particular devices. Please provide a list of devices or file formats for which you support configuration management with the aforementioned features. Non-operational Data (eg. Fault Data) - Automatic Machine-to-Machine Data Collection. Western SNR is interested in implementations that minimize remote transparent access to substation devices for the purpose of obtaining fault data. What features do your product support that provide for automatic data collection and machine-to-machine transfer of fault data from the substation to a secure control center location for later access by maintenance engineers? Please include details regarding: 1. What formats of fault data you directly support? Of particular interest, discuss your support of specific GE relays, Areva relays, and Schweitzer devices. 2. Please describe the mechanisms that are used to initiate and implement transfer of the data, where the data is stored along the way, and how the user may access it at its destination location. 3. Please describe the industry standard formats that you support such as COMTRADE. 4. How is the conversion from proprietary formats to standard formats accomplished? Is the conversion automatic? Built in VPN Support. Describe built in VPN support that you provide between your system's components. Describe how your system could be used to support CIP electronic security perimeters. Remote Transparent Access. While Western SNR has an interest in limiting the need for engineers to access remote devices, it also recognizes that it may not be able to completely avoid the need for Remote Transparent Access. Remote Transparent Access requires the implementation of some type of tunneling system through which data passes between the user on one end and the IED device on the other. Please answer the following questions regarding the tunneling system: 1. What mechanisms do you use to insure that the tunneling system is secure? 2. For Remote Transparent Access, what parts of your system do you use to control access and to document activity for CIPS compliance? 3. Tunnels should be completely transparent. Is there any restriction on characters for any of the tunnels that would prevent that tunnel from providing complete transparency? Alarm, Status, and Analog Data Support. Describe the support you provide for returning relay alarm data to a secure location for access by engineers. Similarly, describe how your system makes this data available to other systems such as SCADA systems using standard protocols such as DNP. What proprietary protocols do you support for communication with IEDs for this type of data. Of particular interest are GE, Areva, and Schweitzer relays. Availability of Log Data. Failure of a system containing log data may mean that the log data is not available for CIP compliance auditors. What features in your system make it possible to avoid the loss of log data in the event of failure or compromise of system components? Disaster Recovery. While disaster recovery is largely based upon the processes and procedures provide by the organization that owns the equipment, it is possible that certain features or system architecture in installed equipment may be able to facilitate disaster recovery. What features or architectural solutions does your system support to facilitate disaster recovery? Background: This Request for Information (RFI) is for analysis and planning purposes only and should not be construed as a solicitation or as an obligation on the part of the Government. This RFI is being used to identify and gather data. The Western Area Power Administration (Western), Sierra Nevada Regional Office is requesting information to provide NERC-CIP Compliant Access to Substation Data. RFI Guidelines: Parties interested in submitting a response to this RFI should review the RFI Guidelines and questions provided on attachment before developing and submitting any responsive documents. As indicated, this RFI is to solicit responses from the public for information and planning purposes only. This RFI is not a solicitation; therefore Western is not accepting quotes or proposals. Western will review all responses and consider them for information and planning purposes. Western will not pay for information provided. Comments in response to this RFI must be provided to the Western - Sierra-Nevada Regional Office - electronically as an attachment to an email message. All documents providing comments in response to this RFI must be delivered electronically to the following email address using Microsoft Word (.doc) format or Acrobat PDF files. Western recommends that responses to this RFI be under 5 pages in length to include answers to questions. EMAIL ADDRESS: samuels@wapa.gov
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/notices/920d94f76666eed2c72af818ad7da3f0)
 
Place of Performance
Address: Sierra Nevada Region, 114 Parkshore Drive - N1102, Folsom, California, 95630-4710, United States
Zip Code: 95630-4710
 
Record
SN02403490-W 20110319/110317234731-920d94f76666eed2c72af818ad7da3f0 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.