Difference between revisions of "Data Center Facility/Operation Technology and Security"

From OpenCompute
Jump to: navigation, search
m (Updated WS names)
m (Documents)
Line 28: Line 28:
 
==Documents==
 
==Documents==
  
:- [https://drive.google.com/file/d/1LJRY7_N7HXIGW6eXTR_wf-MfwGuim_HS/view?usp=sharing OTS Background]
+
:- [https://drive.google.com/file/d/1wLRTIugtGmVp2IcoYGulZsYCP7UPHAEv/view?usp=sharing]
  
 
==== Current Workstreams ====
 
==== Current Workstreams ====

Revision as of 19:57, 9 February 2021

OCP-datacenter-v1-17a3x.png

Welcome

Welcome to the OCP Operation Technology and Security Sub-Project. The Industrial Control Systems (ICS) that run our data centers are frequently designed with availability as the focus rather than mitigation of security risk or vulnerability. This has presented a unique security challenge across multiple industries from manufacturing to datacenters. We find this type of equipment is often lacking security fundamentals. Security fundamentals such as modern communication, authentication and authorization mechanisms that we would expect in critical equipment attached to a network are often missing.

Security issues with this type of equipment are not unique to data centers but are present in multiple industries such as manufacturing and energy. By combining efforts across multiple organizations and industries we can begin to drive a marked increase in the security of these systems and environments. The project's scope is focused on communications, authentication, monitoring and management.


This Project is open to the public and we welcome all those who would like to be involved.
Disclaimer: Please do not submit any confidential information to the Project Community. All presentation materials, proposals, meeting minutes and/or supporting documents are published by OCP and are open to the public in accordance to OCP's Bylaws and IP Policy. This can be found on the OCP OCP Policies page. If you have any questions please contact OCP.

Project Leadership

Incubation Committee Representative

- TBD (Rackspace)

Project Lead

- Rob Coyle (PCX)
- Anand Ramesh (Google)

Sub-project Leads

- Joey Arato (Facebook)
- Jon Littell (Google)

Documents

- [1]

Current Workstreams

To start we are focusing on what a baseline physical security standard would look like for a data center, what types of communications standards and protocols would best enable secure comms of this equipment and how we best monitor it for security issues.

Physical Security Workstream
· Workstream Leads - Marcelo Campos (Roxtec)

Monitoring & Logging Workstream
· Workstream Leads - Eehern Wong (Google)

Secure Communication Guidelines Workstream
· Workstream Lead - Steve Scott (Facebook)

Get Involved

- OTS Mailing List
- DCF Mailing List
- OCP DCF Website
- OCP Projects Calendar

Regular Project Calls

TBD

Recordings from Past Calls