GEDigitalEnergy.com
4
Site Isolation Backup Control System
The Site Isolation (SISO) BCS provides an independent, isolated system that
is loosely coupled with the primary system. Only one site is “active” (primary)
at any given instance in time and the BCS must be manually prompted. Real-
time updates are buffered and distributed in real-time. This BCS supports
both Dual DAC and Isolated DAC scan options. The SISO BCS provides the
highest overall system availability, with a moderate level of bandwidth
required between the two systems.
Standby or Snapshot Backup Control System
The Standby or Snapshot BCS provides a separate system, with a critical
data snapshot, periodically from the primary to the backup system for
manual backup system initiation.
Integrated Backup Control System
The Integrated BCS extends the primary system across two geographic sites,
allowing for four levels of server redundancy.
Secure Architecture
XA/21 systems are implemented with a defense-in-depth strategy to ensure
the cyber security of the production environment, with processes at the
business level and technical security measures at the network, host and
application layers. The XA/21 system is designed to conform to industry-
standard security practices, including those within the NIST SP 800-53
guidelines and NERC
®
CIP standard.
Security controls at the network level include:
• An architecture with a strictly defined perimeter.
• A DMZ network designed to eliminate direct communication between the
critical trusted zone and the external networks.
Security controls at the host level include:
• A system built with only the software, accounts and services required for
operational use.
• Malicious software prevention tools to detect, prevent, deter and mitigate
the introduction, exposure and propagation of malware.
• Only the ports and services required for normal and emergency
operations to communicate.
• File integrity monitoring to determine if unauthorized modifications have
been made.
• Centralized user account management.
• Disaster recovery capabilities.
Security controls at the application level include:
• The use of secure coding standards to reduce the risk of software bugs
and flaws creating security vulnerabilities.
• A system that has been independently tested for security vulnerabilities.
• Access controls designed to enforce authentication and accountability, as
well as minimize the risk of unauthorized access.
Logging and auditing capabilities that allow for traceability of access and
actions.
Visualization – EnterNet Suite GUI
The XA/21 system provides a rich, platform-independent user interface.
Features of the ES GUI include basic SCADA visualization as well as many
advanced situational awareness capabilities that enable operators
to proactively monitor and control the power grid. The ES GUI is fully
internationalized for single- and multi-byte languages and will run on
Microsoft
®
and Linux
®
based consoles.
ES includes bookmarks displays, filtered and sorted summaries, charts and
graphs, time series forms and dashboards. It allows the operator to link
to URLs (e.g., maintenance records, photos, live camera for door alarm,
outage management, geo-spatial maps, etc.). Displays can be referenced
by external applications on the user console using a URL.
Displays
The ES GUI supports dynamic world-, page-, and list/grid-based displays.
World-based displays are primarily used for large, geographic or
schematic system maps. A single world coordinate display is composed
of one or more layers of information that are automatically decluttered
based on zoom level.
Page-based displays are designed to emulate the pages of a book. All pages
are the same size and only one page can be viewed at a time. Page-based
displays are primarily used for station one-line or schematics. The ES GUI
allows the use of same display definition for multiple data sources (SCADA,
Operator Training Simulator, advanced applications and historical playback)
in real-time and study modes.
SCADA summaries are presented as a list- or grid-based display. Grid-based
displays provide a highly flexible and feature-rich method for displaying tabular
data, in which the total number of entries (rows) in the set varies with current
system or filter conditions, and the tabular information is presented in columns
that can be optionally viewed, sorted, re-sized and re-positioned by the user.
Charts and Graphs
Charts and graphs can be dynamically built using drag and drop into a
wizard from a display. The ES GUI supports many chart and graph types
including real-time and historical trends, kiviat, bar, line, compass, wind rose
and power charts. Charts and graphs can be bookmarked and included in
dashboards.
One-line Diagram