OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Lemnos interoperable security project.

Abstract

With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.

Authors:
Halbgewachs, Ronald D.
Publication Date:
Research Org.:
Sandia National Laboratories
Sponsoring Org.:
USDOE
OSTI Identifier:
990047
Report Number(s):
SAND2010-1812C
TRN: US201020%%41
DOE Contract Number:
AC04-94AL85000
Resource Type:
Conference
Resource Relation:
Conference: Proposed for presentation at the DistribuTECH 2010 Conference held March 23-25, 2010 in Tampa, FL.
Country of Publication:
United States
Language:
English
Subject:
42 ENGINEERING; 97 MATHEMATICAL METHODS AND COMPUTING; COMPATIBILITY; COMPUTERIZED CONTROL SYSTEMS; SECURITY; TESTING; SENSORS; DATA TRANSMISSION

Citation Formats

Halbgewachs, Ronald D. Lemnos interoperable security project. United States: N. p., 2010. Web.
Halbgewachs, Ronald D. Lemnos interoperable security project. United States.
Halbgewachs, Ronald D. 2010. "Lemnos interoperable security project." United States.
@article{osti_990047,
title = {Lemnos interoperable security project.},
author = {Halbgewachs, Ronald D.},
abstractNote = {With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = 2010,
month = 3
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

  • The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other systems. With these changes, however, come two significant challenges that the energy sector must face: 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems.
  • Many building simulation computer programs, originally developed on mainframe computers for research purposes, can now run on the powerful workstation and personal computers that are available to most architectural and engineering firms. Major efforts have been underway during the last decade to compile these programs on personal computers and make them available to a wider range of building professionals. However, even with the addition of user-friendly front- and back-ends, their use is still limited to a small number of specialized consultants. Considering the tremendous benefits of informed decisions that these programs can support, it is critical to address and resolve the issues that are associated with their limited acceptance. In this paper, the authors report on their research and development efforts to better understand decision-making and develop computer tools that will facilitate the use of simulation software during the building design process. They present a brief analysis of decision-making and then describe how they try to address it in building design through the development of the Building Design Advisor (BDA). Moreover, the authors elaborate on the major issues that they have encountered, discuss lessons learned, and offer recommendations for short- and long-term developments in this area.