Peregrine SMEs have been conducting vulnerability assessments (VA) on federal buildings focused on control systems for the Department of Defense (DoD) over the last five years under two major prime contracts. We traveled to 24 discrete bases in the US, Europe and the Pacific where we averaged 10 to 20 buildings per location. Our staff also directly supports the research effort stemming from the FY2017 DoD budget specifically for section 1650, Evaluation of Cyber Vulnerabilities of Defense Critical Infrastructure. Additionally, Peregrine SMEs regularly update the official DoD website for Facility Related Control Systems (FRCS), with new content developed to conduct Risk Management Framework (RMF) efforts using NIST 800-82 overlays.
Peregrine ensures organizations understand and meet the cybersecurity documentation required to comply with Unified Facilities Criteria (UFC) 04-010-06, Cybersecurity of Facility-Related Control Systems and Unified Facilities Guide Specifications (UFGS) 25 05 11, and Cybersecurity of Facility-Related Control Systems. This is especially important for bids at the different program stages including Design (35%), Pre-Final (90%) and Final Design (100%), and specifically focusing on networks that include FRCS, ICS and commercial IoT products using the subset of 110 RMF security controls. Peregrine SMEs update the official DoD website that posts the latest data on cyber design requirements. Finally, we are experts on cyber commissioning, and ensuring compliance with federal regulations.
Modifications & Updates to Old Buildings and Legacy Systems
Assessment support is provided for Energy Savings Performance Contracts (ESPC) and Utility Energy Savings Contracts (UESC) reviews. Energy Resilience cybersecurity support is provided to evaluate vulnerabilities.
Cyber Assessing Product Reviews
Peregrine evaluates good products versus bad using the Trusted Products List (TPL), and we are SMEs in all discussions for the Control Systems Tested Product List (CS-TPL) that has been developed for OT/ICS systems. We ensure configuration prior to installation, application of STIGs, and the hardening systems.
Cyber Plans for New Construction
Cyber support and vulnerability assessments are performed on pre-construction plans/BIM/CAD modeling, post-construction plans and as-builts, and Smart Buildings Cybersecurity Integration.
Cyber Commissioning. Factory Acceptance Testing (FAT)/Site Acceptance Testing (SAT)
Major support provided for these services include collecting artifacts and preparing them for RMF repository upload.
Work with Us
Peregrine is one of the few companies with actual experience conducting these types of ICS/OT cyber assessments, and we can provide references from our government leads at DoD OASD, DTRA and JHU-APL. Allow us the opportunity to support you – you will not be disappointed.