Burns & McDonnell served as the prime design-build contractor for the Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS) Department of Defense (DOD) Joint Capability Technology Demonstration (JCTD) project focused on protecting critical assets from power loss due to cyberattack or other adverse events within the commercial utility infrastructure. Stakeholders in this mission critical program included the Office of the Secretary of Defense, U.S. Pacific Command, U.S. Northern Command, Naval Facilities Engineering Command-Hawaii, U.S. Army Corps of Engineers, Department of Homeland Security and Department of Energy.
Challenges and Solutions
Burns & McDonnell's unique knowledge of both electrical generation and distribution systems as well as cybersecurity in the utility and DOD worlds resulted in a new approach to creating microgrids within existing installations. Instead of wholesale replacement of the existing systems, the SPIDERS approach allows the commander of the facilities to dynamically repurpose the existing assets to best serve the changing mission of the installation.
In addition to the construction and electrical work, Burns & McDonnell hardened the network switches, firewalls and intrusion detection systems to create a cybersecure network for the SCADA systems and controller devices. In addition to following the standard Secure Implementation Technical Guides, the team used IPv6 for all communication between the SCADA systems and controllers and removed or blocked routing services that make man-in-the-middle and denial-of-service attacks easier.
Burns & McDonnell worked with the stakeholder IT departments to take the microgrid networks through the DOD Information Assurance Certification and Accreditation Process. As they had done for other DOD projects, team members provided the documentation of vulnerability scans and mitigation efforts in the appropriate formats so the stakeholders could receive an Authority to Operate for the networks.
- Network configuration and hardening
- Cybersecurity assessment
- Defense Information Assurance Certification and Accreditation Process (DIACAP) support
- Blue team support in red team exercise