Solutions were for automated tools to scan and inventory Facility Related Control Systems (FRCS) in DoD facilities. FRCS related to real property assets include systems such as Fire and Life Safety (FLS), Utility Monitoring and Control Systems (UMCS), Heating, Ventilation and Air Conditioning (HVAC), etc. To enable installation and enterprise level decision making to improve the cybersecurity poster of our FRCS, it is important to have accurate and current inventories of control systems and their components.

Successful tools must be able to meet one or more of the following sub-objectives, and must be able to receive an Authority To Operate (ATO) after undergoing the Risk Management Framework (RMF) process:

• Active or passive scanning of connected devices at Levels 0-4 (see Figure 1) including IP and non-IP devices. In many cases, this will likely require connecting to multiple separate or segmented enclaves at a given physical location to capture and integrate the total inventory of devices.
• A full listing of desired protocols is provided in the background section.
• Scans should not disrupt operation of devices (i.e., brick devices).
• Generate tabular (and/or graphical) list of all devices with relevant information including:
  • Output into Excel file
  • Dependency mapping
• Provide the following minimum information about the devices:
  • Device identifier (e.g., Model number, manufacturer, etc.)
  • Address (e.g., IP address, BacNET MS/TP address, Modbus address, etc.), where available
• Ideally, provide as much addition information as possible, such as:
  • Protocol(s) used by the device
  • Ports in use
  • Firmware version
• Demonstrate significant labor and cost savings compared to traditional approaches.
• Mobile (i.e., tablet based) solutions are desired, but not required.

Figure 1: DoD 5-tier FRCS reference architecture

Successful technologies and solutions will help the DoD build resilient and efficient installations by having a comprehensive assessment of their FRCS inventory. The demonstrated solutions will inform DoD installations in their installation assessment and resilience planning activities. Any technologies/solutions will significantly reduce the manual nature of the current inventory process and enable for continuous inventory of these systems.

It is critical to maintain operations in the event of grid outage to support mission preparedness and readiness. The National Defense Authorization Act for Fiscal Year 2021 highlighted the importance of on-base energy resources and reduction of the DoD’s dependence on off-base resources. The installation energy priority of the DoD is to ensure mission readiness by pursuing energy resilience. Most of these goals depend on FRCS for successful execution; as systems get increasingly complex, automated tools are needed to inventory them for visibility as well as cybersecurity.

Example protocols in use for communication by the device are:

• Ethernet:
  • BACnet – Native
  • BACnet over IP
  • C37.118
  • COMTRADE
  • DNP 3.0
  • IEC-61850
  • FTP
  • Modbus
  • MV-90
  • SEL
  • Telnet
• Serial:
  • BACnet
  • DNP 3.0
  • IEC-61850
  • Lon
  • Modbus
  • N1
  • N2
  • SEL