Loren Data's SAM Daily™

fbodaily.com
FBO DAILY ISSUE OF APRIL 04, 2010 FBO #3053
SOURCES SOUGHT

R -- Control Systems Cybersecurity Training and Education Support

Notice Date
4/2/2010
 
Notice Type
Sources Sought
 
NAICS
611430 — Professional and Management Development Training
 
Contracting Office
Office of the Chief Procurement Officer, Washington, District of Columbia, 20528, United States
 
ZIP Code
20528
 
Solicitation Number
HSHQDC-10-Q-00172
 
Archive Date
5/1/2010
 
Point of Contact
Tiffany A. Kindred-Lopez, Phone: 202-447-5742
 
E-Mail Address
tiffany.kindredlopez@hq.dhs.gov
 
Small Business Set-Aside
N/A
 
Description
The U.S. Department of Homeland Security is seeking a qualified source in anticipation of a future requirement. The U.S. Department of Homeland Security invites all interested parties to submit a written response to this Request for Information (RFI).

1.0 PURPOSE AND OBJECTIVES

The Department of Homeland Security has a potential requirement to obtain contract services for training support focused on cybersecurity in relation to Industrial Control Systems (ICS) and Embedded Devices. The requirement is for the support of an existing training program. Courses are designed to help the control systems community, consisting of asset owners and operators, engineers, security personnel and others concerned with protecting Critical Infrastructure and Key Resources (CIKR), understand the fundamental concepts of cybersecurity risks associated with ICS, and to provide cybersecurity awareness.

2.0 PROJECT DESCRIPTION

Prospective firms must have the capabilities to provide training program support. DHS will be the lead for this project and will provide approval for overall management decisions for the project, with the contractor utilizing its expertise for developing and delivering training to accomplish the tasks outlined in a SOW. In planning and executing each task, the contractor shall support DHS's requirements associated with metrics and measures to gauge the success and impacts of the task.

Prospective firms must have the capabilities to provide training support in the form of classroom delivery, online web-based delivery and various transportable media such as Compact Discs (CDs) or Digital Video Discs (DVDs). Classroom delivery will require training to be executed in dynamic and changing offsite locations and environments such as national lab facilities, conferences, industry associated events, contractor facilities and end users' facilities, where travel will be required.
Training courses will consist of varying degrees of technical content, requiring the contract trainers to possess corresponding degrees of technical understanding and expertise, depending on the course level. The contractor will be required to continue updating, enhancing and developing current and future courses at DHS's direction.

Examples of courses to be supported:

2.1 Web Based Format

Cyber Security for Control Systems Engineers & Operators

This course is a web-based training package consisting of five lessons covering threats, risks, cyber attacks, risk assessments and mitigations for control systems. It can be completed in less than an hour. This course has been approved for North American Electric Reliability Corporation (NERC) continuing education credits.

Operations Security (OPSEC) for Control Systems is a web-based training package consisting of seven lessons covering the definition of OPSEC, the five-step OPSEC process, common information-collection techniques, information protection, physical protection, appropriate and inappropriate use in the control system environment, and a summary. It can be completed in less than an hour. This course has been approved for North American Electric Reliability Corporation (NERC) continuing education credits.

This training was developed through the Control Systems Security Program, established by the U.S. Department of Homeland Security National Cyber Security Division.

2.2 Instructor Led format - Introductory Level

Control Systems Cyber Security Who Needs It? (1 hour)

This course turns on the proverbial light bulb for many people as they realize that cyber security is as important as physical security. Some say that seeing is believing, so this course goes through a cyber attack, step by step, that takes control of a process control system. A short video shows the process an attacker could take to compromise the control of a manufacturing process (without the operator knowing about it).
The course focuses on solutions aimed at mitigating this type of attack while providing a general overview of the control systems environment. Common vulnerabilities that have been found in virtually every system that the Control Systems Security Program has assessed are discussed, and solutions for preventing exploits and detecting intrusions are presented. This training is made available to be supported at industry member events or venues upon request.

2.3 Instructor Led format - Introductory Level

Control Systems Security for Managers (1 hour)

This course combines technical information with a discussion of the business case. The instructor first discusses the threat to process control and Supervisory Control and Data Acquisition (SCADA) systems, then, through a demonstration video, shows that it is possible for a cyber attack to cause physical problems. The class then moves on to identify mitigations to common vulnerabilities and ways to prevent and detect intrusions to process control and SCADA systems. This course concludes with a discussion about the business case and how cyber security affects the bottom line. This training is made available to be supported at industry member events or venues upon request.

2.4 Instructor Led format - Intermediate Level

Solutions for Process Control Security (4 hours)

The Solutions for Process Control Security training is a fast-paced course covering general control systems cyber security challenges. The training objectives include helping participants understand how attacks against control systems can be launched, identifying targets of opportunity, and providing mitigation strategies. Participants will gain an understanding of how to increase the cyber security posture of their control systems networks. This training is made available to be supported at industry member events or venues upon request.
2.5 Introduction to Control Systems Security for the IT Professional (8 hours)

This course is directed to those who have IT security responsibilities or background but no previous experience in critical infrastructure control systems and their relationship to modern IT networks. Four training sessions will guide attendees from basic definitions, components, and protocols to the major applications and architectures within critical infrastructure (CI) and key resources (KR). Control system network architectures, cyber threats and vulnerabilities, and mitigations will be presented. Current and emerging government and industry activities that are addressing the issue of risk reduction will be discussed. This training is made available to be supported at industry member events or venues upon request.

2.6 Hands-on format - Intermediate Technical Level

Intermediate Control Systems Security (8 hours)

This hands-on course is structured to help students understand exactly how attacks against process control systems could be launched and why they work, and to provide mitigation strategies to increase the cyber security posture of their control systems networks. Because this course is hands-on, students will get a deeper understanding of how the various tools work. Accompanying this course is a sample process control network that demonstrates exploits used for unauthorized control of the equipment and mitigation solutions. This network is also used during the course for the many hands-on exercises that will help the students develop control systems cyber-security skills they can apply when they return to their jobs.

Every student attending this course must have a laptop computer that they can configure and bring to the class. All students in the class should have basic coding skills and a fairly deep understanding of network details, from User Datagram Protocol (UDP) to Transmission Control Protocol (TCP), from Media Access Control (MAC) to Internet Protocol (IP).
This training is made available to be supported at industry member events or venues upon request.

2.7 Hands-on format - Advanced Technical Level

Control Systems Cyber Security Advanced Training and Workshop (1 week)

This event will provide intensive hands-on training on protecting and securing control systems from cyber attacks, including a very realistic Red Team / Blue Team exercise that will be conducted within an actual control systems environment. It will also provide an opportunity to network and collaborate with other colleagues involved in operating and protecting control systems networks. A sample process control network will be used to demonstrate exploits and to give the student actual hands-on experience. The red team / blue team exercise will provide friendly competition as the red team tries to attack the control system and the blue team works to defend against the cyber attacks. A debriefing will highlight lessons learned from the red team and the blue team, and an overall perspective will be provided by cyber security experts who monitored and scored the activities of the red and blue teams.

3.0 RFI RESPONSE INSTRUCTIONS

Interested parties having the expertise and capabilities are invited to submit detailed information discussing their capabilities by 4:00 pm EST on April 16, 2010 to Tiffany Kindred-Lopez via email at tiffany.kindredlopez@hq.dhs.gov. No cost or pricing is required.

This is not a solicitation. This Request for Information (RFI) is issued solely for informational, market research, and planning purposes. It does not constitute a Request for Proposal (RFP) or a promise to issue an RFP in the future. This RFI does not commit the Government to contract for any supply or service whatsoever. Further, the Department of Homeland Security is not at this time seeking proposals, and will not accept unsolicited proposals.
Respondents are advised that the Government will not pay for any information or administrative cost incurred in response to this RFI. All costs associated with responding to this RFI will be solely at the responding party's expense. At this time, proprietary information is not being requested, and respondents shall refrain from providing proprietary information in response to this RFI. Responses to the RFI will not be returned and are limited to ten (10) pages. Please be advised that all submissions become Government property and will not be returned.

Additional information:

(A) Prospective firms will provide anticipated lead times required to support out of band courses, to include, but not limited to, instructor access, materials, facilities and any other resources.

(B) Prospective firms will provide capabilities for supporting DHS's web-based training.

(C) Prospective firms will illustrate similar experience and expertise to be used in support of DHS's requirements.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DHS/OCPO/DHS-OCPO/HSHQDC-10-Q-00172/listing.html)
 
Place of Performance
Address: Multiple locations, United States
 
Record
SN02111912-W 20100404/100402235813-52ef956624bfe4ccf703e52c88f14d23 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)

 Privacy Policy  © 1994-2020, Loren Data Corp.