Simplify And Secure Your Device Data And Engineering Access Management
Stay in control of your devices with PowerSYSTEM Center. Regulatory compliance
is simplified with automated baseline monitoring, remote access control, and automatic scheduled password changes.
Benefit from the device connectivity through automatic event and fault information collection.
Notify users of changes quickly for a pro-active and modern approach to device management.
Dashboards And Reporting
Customizable dashboards and reports ensure you can quickly get the right information in front of the right users.
Customization is done through simple UI-based query building tools or through a PowerSYSTEM Center Query Language to support complex reporting and visualization (PSCQL).
Reports can be scheduled for automatic snapshots ensuring that periodic reporting is never missed.
Every activity within PowerSYSTEM Center is logged into the system. This ensures a complete audit trail starting
from initial installation all the way to the present time.
Password Change Management
Ensure all your devices meet the requirements of NERC CIP-007 (Systems Security Management). Setup policies for password complexity, password changes schedules, and the ability for users to check-out passwords for field servicing work.
Database-level management of password records ensures passwords are not only secure, but virtually eliminates risk of possible password loss by ensuring password transactions are atomic.
All password management functions generate detailed activity logs for auditing and tracking.
Baselining And Configuration Management
Ensure adherence to NERC CIP-010 (Configuration Change Management and Vulnerability Assessments) by managing and monitoring your device’s operating system or firmware, open-source applications, custom software, logical network ports, and security patches.
The device’s configuration is automatically compared against an established baseline. Differences between the baseline and the device’ configuration automatically generate activity records and notifications for a pro-active approach to device management.
Restricted Engineering Access
Front-end remote engineering access to your devices to provide role-based control to devices that may not otherwise provide it.
Automate application logon to those devices to further improve human performance and minimize errors.
Monitor and record communications. Communications rules can intercept messages flagged as unauthorized and prevent transmission to the device.
Leverage your device connectivity by also collecting non-operational event and fault information from your devices.
Tying the data collection with business integration options can drive on-demand collection based on field or SCADA trigger conditions. This ensures data is immediately available after field events.
Organize and manage the field work. Assign workers to groups of devices and statements of work to be performed. Track the progress of workers on those assignments.
Provide temporary access to devices for those workers based on device assignment.
Flexible And Scalable Architecture
Install the system in a way that works for you. The system can be installed on single-instance servers up to high-availability multi-server instances.
Scale concurrent work by simply adding job agent servers to the server pool. Isolate out resource-intensive work to eliminate disruptions to communication efficient tasks.
Automatically push activity records to a syslog or SIEM server through built-in support for syslog publication of activity records.
Use the REST API to build other business integration adapters such as integration with enterprise message busses (like IBM MQ), other business systems (like SAP), or SCADA EMS/DMS systems.
Secure By Design
Competitive solutions promote virtualizing connections from your edge device to your worker’s laptop. The same laptop that connects to the Internet, can receive malicious email,
travels with them, and is at risk of exploit.
PowerSYSTEM Center is always deployed in an environment that guarantees device communications is terminated at a server that is impossible to directly access from the worker’s computer.
In fact, no network bridging technology is required. This ensures it is impossible for malicious packets possibly published from the worker’s laptop to ever reach the end device.