Sound Transit – Seattle WA

SCADA Overview

Presented by: Ted Ellis

IT Department SCADA Team Lead

What We Do

• Plan, Build and Operate

Express Bus

Light Rail

Commuter Train

• Where we operate

– Seattle urban area

– 3 counties – King, Pierce and

Snohomish

Service – County MAP

Light Rail Focus

• The Only Sound Transit SCADA system

• Diverse territory

• Unique in Nature - Downtown tunnel shared with bus traffic

• Substantial ridership growth

• Alignment expanding

• Endless challenges

Elevated, At-Grade, & Underground Service

Young, Developing &

Expanding

• Look ahead - 10+ years of expansion

• 2015-16 – new stations North and South

• 2020 and beyond moving East

What our SCADA Monitors

• Train Control • Building Management • Fire/Life/Safety – Emergency Ventilation • Possibly only USA location with shared bus and train operations

within Tunnels

Train and Bus locations Track Switches and Signals Electrical Systems Building Systems Fire Control Systems

Ventilation Systems Emergency Phones and

Cameras

Image represents approx. 1/20th of the existing rail alignment

Structure or Spaghetti?

• Do departments work in silos? • Operations has to make it work; needs help around systems • Does IT support SCADA? • Defining roles and responsibilities • Operational maintenance and operations outsourced?

What is Behind the Locked Door?

Responsible Organization

Activity 1st Tier 2nd Tier 3rd Tier

Radio/Mobile Systems

Preventative maintenance (batteries, test functions, etc.) KCLR

Tunnel Radio Equipment Preventative maintenance KCLR

Antennas KCLR

Portable and Mobile Radio service KCLR

Base Stations and controllers KCLR

Radio alarms KCLR

Radio software updates KCLR

CCTV

Preventive maintenance (clean lens, etc.) KCLR

Camera and cabling maintenance KCLR

Server support KCLR IT Vendor

PA/VMS

Preventive maintenance (speakers, signs, etc.) KCLR

Testing and Inspection (check speakers, etc.) KCLR

Server support KCLR IT Vendor

Building Management

Card key access service KCLR

Intrusion detection performance check KCLR

Maintenance and Electrical

Testing and Preventive Maintenance on Batteries KCLR

Testing and Preventive Maintenance on Power Supplies KCLR

Testing and Preventive Maintenance on UPS systems KCLR

Telephony Systems

Agency PBX IT

Field PBX (testing, housekeeping, etc.) KCLR

Agency desktop telephone sets IT

Field telephone sets (testing, housekeeping, etc.) KCLR

Emergency telephone sets, including blue light phones: admin, configuration, records, releases, etc. KCLR

Passenger Emergency Telephones: admin, configuration, records, releases, etc. KCLR

Network

Cable Plant records, assignments, testing, etc. KCLR

Cabling plant configure, test, maintain, etc. KCLR IT

Maintain circuit assignments IT

SCADA Network Switches, etc. (e.g. GarretCom, Moxa, Edge), maintain and repair KCLR IT

Station Network Switches, etc., maintain and repair KCLR IT

Agency Network Switches, etc., maintain and repair IT

Monitor for alarms on SCADA and Station networks KCLR & IT

Respond to alarms on SCADA and Station networks KCLR IT

Network device configuration IT

Tunnel Wireless (Wi-Fi) equipment, software, configuration, etc. Vendor IT

VPN, Firewalls, other security devices IT

Monitor usage statistics and augment as necessary KCLR & IT

SCADA

SCADA Field Device (e.g. PLCs) break/fix, preventive maintenance KCLR IT DECM

Preventive Maintenance of physical SCADA devices, servers, workstations, overview displays, etc. KCLR

Preventive Maintenance of operating systems, database products, etc. IT Vendor

SCADA Major Enhancements (Hardware & Software) IT DECM Vendor

SCADA Minor Changes (Hardware & Software) IT DECM Vendor

OS and ARINC patching IT Vendor

Data administration IT DECM Vendor

Configuration Management of Field Devices KCLR

Configuration Management of Servers, Workstations & Laptops IT

Disaster Recovery (network, servers, etc.) KCLR & IT

Monitoring of Servers, Workstations, etc. KCLR & IT

Network Storage systems management (backups, etc.) IT

Antivirus Management IT

Email Management IT

Administrative Business and IT Systems

Antivirus Management IT

Email Management IT

Patch Management IT

Database servers IT

Report Servers IT

Application Servers IT

Managing SCADA

• How do you cover everything?

• What happens if the “SCADA Guru” disappears?

IT’s Role in SCADA

• Does IT play critical role in SCADA?

• IT as a collaboration resource between various departments

• ST IT plays a SCADA Router and SCADA Network Switch Role in the Real World

• Cyber-Security

• Start-up & Commissioning, Testing, Maintenance, Standards development & implementation…….

Collaboration vs Separation

• The current norm is separation – Corporate/Agency IT and SCADA Operations do not typically work together

• The future… perhaps:

Collaboration Opportunities

• Cyber-Security, to include network security assessments

• Procurement – hardware and software

• IT knowledge – new technology (ie. Virtualization, tablets)

• Data sharing for ever increasing report requirements and customer service (real-time reporting)

Defense in Depth Architecture

(APTA Part 3b)

SCADA Network

File-Life-Safety network separation

For Sound Transit – IT Work in

Progress

Complete

Closed

Cyber-Security work

Questions?