Preface

Preface

This Cisco Control Center Virtualization for the Connected Pipeline System Cisco Validated Design (CVD) documents best practice design and implementation of safe, highly available, and secure oil and gas pipeline infrastructure and applications. This CVD identifies customer use cases, maps those use cases to relevant architectures, and describes how Cisco and partner technology are leveraged to deliver unprecedented value for our customers. This CVD:

  • Describes a Low Level Design (LLD) detailing Control Center Virtualization for the Connected Pipeline System. It will provide guidance supporting Supervisory Control and Data Acquisition (SCADA) principles, unified networking and powerful compute for the Control Center.
  • Documents best practices from real world implementations, detailing the designs and architectures that are mapped back to the customer use cases.
  • Addresses real-life customer deployment scenarios by providing a solution that supports implementation of a scalable, secure, and redundant operational network supporting both industrial and multi-service applications.
  • Details support for implementing Control Center application virtualization, secure remote access, the Industrial Demilitarized Zone (IDMZ), and cyber-security.
  • Specifies topology, Quality of Service (QoS), high availability, security services, network management services, and Control Center virtualization implementations.
  • Provides information about enforcing cyber-security best practices that follow the recognized Industrial Control System (ICS) security standards and guidelines including International Society of Automation 99(ISA99)/International Electrotechnical Commission (IEC) 62443, the National Institute of Standards and Technology (NIST) Cyber Security Framework, and the Purdue Model of Control.
  • Documents suggested equipment and technologies, system level configurations, and recommendations. It also describes caveats and considerations that pipeline operators should understand as they implement best practices.

Although this CVD focuses on midstream transport pipelines, the technologies, use cases, and principles are applicable for gathering and distribution pipelines.

Document Objective and Scope

In this initial release, Cisco has partnered with Schneider Electric to provide architecture, design, and technologies for the Control Centers, Operational telecoms network, and the pipeline stations. Cisco provides infrastructure expertise with its unified compute and networking security platforms while Schneider Electric provides the PMS (PMS) leadership with its OASyS Dynamic Network of Applications (DNA) SCADA system hardware and software.

The release will focus on the Control Center environment and security architecture to support pipeline operators. It is recommended that the reader become familiar with the following joint Cisco/Schneider Electric white papers:

  • Integrated Enterprise SCADA System Architectures for Safe and Efficient Pipeline Operations at the following URL:

http://www.cisco.com/c/dam/en/us/solutions/collateral/industry-solutions/dlfe-683318406.pdf

  • Converged Telecommunication Architectures for Effective Integrated Pipeline Operations at the following URL:

http://www.cisco.com/c/dam/en/us/solutions/collateral/industry-solutions/dlfe-683318407.pdf

As with any architecture and design program, functional requirements, use cases, and architectures evolve. Therefore, this CVD will evolve and will be updated in future phases.

Contributors

Jason Greengrass, Solutions Architect, IVSG, Cisco Systems

Rik Irons-McLean, Lead Architect Oil and Gas, IoE Vertical Solutions Group, Cisco Systems

Brian Malkinson, Global Solution Architect, Pipeline Management Systems, Schneider Electric