Scope and Challenges
The tender for the lucrative project specified securing and monitoring the production turbine operations in a 3,000-MW coal-based, multi-turbine power plant, where each turbine (as well as other industrial processes) was to be secured individually for intrusion detection as well as for control and maintenance operations.
The project’s specifications called for a central IDS, installed at a Security Operations Center (SOC), for analysis of network traffic received from each operational unit as well as for network visibility.
This created the challenge of sending extremely large volumes of data without overloading the plant's local area network, a problem typical of most data traffic collectors.
In addition, the tender called for a secure, rule-based user access authorization management system for each operational unit, one that would provide full control over scheduled maintenance operations.
As expected in a project of this scope and criticality, practically every leading OT cyber-security vendor worldwide responded to the tender.
As part of the selection process, the operator compared the analysis results for the same snippet of data traffic.