Critical Infrastructure Protection (CIP) standards reduce exposure to vulnerabilities, yet resolving those vulnerabilities is a difficult task. One problem is deciding which basic infrastructures, consisting of utilities (water, energy generation, distribution, and food) and government services (defense, public safety, and health), should be a priority. Compounding the issue of protection priorities are scalability, performance, maintenance and, probably the most critical part of the program, how to do all this efficiently given the initial and ongoing financial costs of implementing CIP. One of the agencies tasked with CIP is the Department of Homeland Security (DHS), which has a list of infrastructures it has to protect. High on that list are nuclear power plants and nuclear isotopes associated with the medical (i.e., cancer) industry, in addition to the safe transport and storage of nuclear-based elements. DHS has to be constantly aware, in real time, of where threats and problems may arise; covering 31 different states and 104 commercial generation plants and their connection to the power grid is just one problem it faces. It is about to embark on a unique solution that helps it carry out its mandate of CIP and security.
Initially, the problem is determining how to do it based on a standard that didn't exist 5 years ago and under which interoperability of equipment, technology platforms and different types of sensors can be accomplished. It is a complex task requiring communication of information across different users and databases. The first step was to determine which standard to use. The answer was a newly ratified standard that facilitates these requirements: Emergency Data Exchange Language, or EDXL, which also works with XML.
This standard allows different information sources, sensors (at the protocol level) and monitoring systems (at the application level) to interconnect with different databases and then push the compiled data sets to the user making the query. To complete such tasks, messaging and data exchange have to occur between multiple systems with various operating systems, application designs, etc. With EDXL as a standard, the process accomplishes this in real time without affecting the data's integrity or its use in its existing architecture. Building upon that basic interoperability is the network interface and architecture needed to pull and push the information to external resources, in this case DHS agencies.
There are two methods of integrating into this mixed legacy and advanced technical environment. The first is centralized data warehousing, with new APIs into existing applications and a single end-point facility and backup. The second is to leave the primary data sets and applications where they are and create middleware that relies on a distributed push-and-pull network design.
“Improving situational awareness of potential security threats in major cities is a top priority,” said Bob Dilonardo, CIO, Domestic Nuclear Detection Office. “The addition of geospatial routing to our data distribution system will enable the real-time monitoring and information exchange we need to quickly and securely coordinate effective responses across all levels of government.”
The problem DHS faces is the sheer number of locations and the different sensors and systems involved in monitoring the nuclear industry and the environments surrounding it. Centralizing the EDXL exchange of data increases architecture and data management risk, namely that the system experiences a failure at the primary (and backup) location into which monitoring and data flows are being fed. Designing a routable EDXL dataset in a distributed network architecture offers significant advantages, among them the reduction of single points of failure.
Solace Systems has built a system that meets the needs DHS has in this daunting challenge and was awarded a DHS contract to implement it for use by the Domestic Nuclear Detection Office (DNDO).
In an interview, senior vice president Larry Neumann and principal systems engineer Hans Jespersen said the application and hardware development required overcoming considerable obstacles.
And the problems don't end there. DHS then has to distribute and share with other agencies the information collected and analyzed from various sensors and applications, all in real time. When I asked Hans Jespersen how Solace created elements to solve this problem, he said the parameters were significant:
Asynchronous messaging is a proven technique for collecting information from highly distributed sources and directing it to other applications, most commonly databases or data warehouses. What it brings to the table that traditional messaging like JMS or MQ does not is (focusing on geospatial events):
- 20-50 times higher throughput for fully fail safe, never-lose-a-message delivery of information in comparison to a JMS or MQ server. (Details are here: http://www.solacesystems.com/solutions/cross-industry/high-speed-messaging/solacemq ). A JMS server usually peaks at about 5000 messages a second, an MQ server about 2500 msgs/sec, and a single Solace message router can route and deliver up to 130,000 guaranteed messages. For not guaranteed messages like stock market data, those numbers go up to over 10 million messages per second.
- Each one of those messages can be fully filtered in real time against up to 2 million content filtering rules to match criteria of interest with any field in an XML document. I.e. raising an alert when a radiation reading from a sensor is above a threshold, or routing messages to different places when the XML responder id field equals FEMA, ARMY or RED CROSS. Any XML tag, or combination of tags, is a candidate for a rule or routing. Nothing needs to be predefined or agreed upon. (To read about how this XML-based routing is done click here: http://www.solacesystems.com/solutions/cross-industry/content-routing-and-transformation )
- Messages can be transformed in hardware as they are delivered, so perhaps a full message is sent to the army, but sensitive information is stripped out when it goes to the police or Red Cross. The link above has some info on hardware transformation.
Our newest blade adds in geospatially aware routing. Instead of matching on a text match, numerical comparison or Boolean, with the geospatial blade installed, you can match on points in polygons, overlapping polygons, and track moving points or polygons.
This design opens up possibilities and eases the technical burden on DHS fulfilling its mandate.
Architecturally, we carry data as a messaging backbone from source (like a sensor) to destination (like a data warehouse) and we simultaneously filter and route the messages based on defined rules of interest - content or geospatial. You can catch the various different kinds of needles-in-the-haystack in real-time, literally in microseconds, before the event becomes a record in a data warehouse where traditional index and reporting action occurs. It is "actionable, real time intelligence" on the information as it is collected, which is fully complementary to traditional after-the-fact analytics and business intelligence.
But can it work with other systems, like data warehoused datasets?
Of course, the data warehouse can also be another input into the geospatial messaging backbone, where the analytic engine finds some interesting pattern and turns that back into a new series of messages that can be filtered and routed as alerts or updated using the same technique.
DHS will have tools that offer increased speed, accuracy and delivery of information to secure nuclear environments and facilities across the country, helping everyone secure this infrastructure.
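The content rules, per-destination transformation and point-in-polygon matching described in the interview can be sketched in software as follows. This is an added example, not Solace or DHS code: the tag names, threshold, geofence and the ALERTS, ZONE-WATCH and QUARANTINE destinations are assumptions, and the message does not follow the real EDXL schema.

```python
import copy
import xml.etree.ElementTree as ET

# Constructed message; tag names are illustrative, not the real EDXL schema.
SAMPLE = """<report>
  <responderId>RED CROSS</responderId>
  <sensor id="S-17"><lat>38.90</lat><lon>-77.03</lon></sensor>
  <reading unit="uSv/h">4.2</reading>
  <sensitive><operator>J. Doe</operator></sensitive>
</report>"""

KNOWN_RESPONDERS = {"FEMA", "ARMY", "RED CROSS"}
CLEARED = {"ARMY"}            # assumed: only this destination gets the full message
ALERT_THRESHOLD = 2.5         # assumed alert level, same unit as <reading>
ZONE = [(38.85, -77.10), (38.85, -76.95), (38.95, -76.95), (38.95, -77.10)]  # constructed

def point_in_polygon(lat, lon, poly):
    """Ray casting: an odd number of edge crossings means the point is inside."""
    inside = False
    for (y1, x1), (y2, x2) in zip(poly, poly[1:] + poly[:1]):
        if (y1 > lat) != (y2 > lat) and lon < x1 + (lat - y1) * (x2 - x1) / (y2 - y1):
            inside = not inside
    return inside

def route(xml_text):
    """Return {destination: xml string} for one incoming message."""
    try:
        msg = ET.fromstring(xml_text)
        responder = msg.findtext("responderId", "").strip()
        reading = float(msg.findtext("reading"))
        lat = float(msg.findtext("sensor/lat"))
        lon = float(msg.findtext("sensor/lon"))
    except (ET.ParseError, TypeError, ValueError):
        return {"QUARANTINE": xml_text}      # malformed input reaches no subscriber
    dests = set()
    if responder in KNOWN_RESPONDERS:        # content rule on a field value
        dests.add(responder)
    if reading > ALERT_THRESHOLD:            # numeric threshold rule
        dests.add("ALERTS")
    if point_in_polygon(lat, lon, ZONE):     # geospatial rule
        dests.add("ZONE-WATCH")
    out = {}
    for dest in dests:
        view = copy.deepcopy(msg)
        if dest not in CLEARED:              # per-destination transformation
            for el in view.findall("sensitive"):
                view.remove(el)
        out[dest] = ET.tostring(view, encoding="unicode")
    return out
```

Redaction is keyed on the destination rather than on the rule that matched, so a message that fans out to several queues carries the sensitive block only to destinations listed in `CLEARED`.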