This large Electric Utility Company is a Fortune 500 integrated energy manufacturing company engaged primarily in electric power production and retail distribution operations in the Deep South of the United States.
Before this implementation of OTM, they were using ServiceNow ITOM and ITSM products. The company is the first ServiceNow client to go-live with OTM.
The customer did not have a centralized system in place that stores OT Asset Inventory and their Regulatory Compliance Standards and documents for OT and CIP Asset Inventory. This overall solution provided a single reliable source of information to view and query OT Asset Inventory information while protecting the data considered to be BCSI.
The goal of the project was to achieve the following:
Ensure BCSI compliance for cloud storage and automated discovery
Deploy ServiceNow Discovery for OT devices
CMDB integration with Verve & one time load from OTAM
Process development for new make/model generation
Create means to bulk create CI’s
Configure Change for OT Normal Change process
Allow users to see port functional groups related to CI’s within ServiceNow
As part of the standard development there is a knowledge base, a new catalog category containing 2 new items and a new OT Normal change type. OT asset data will be implemented via a 1 time import from OTAM, Integration with Verve Asset Manager and OT Discovery.
The following functionality has been implemented as part of this phase:
Discovery
Setup of Discovery to discover assets related to OT-CMDB.
Set up MID Servers
Add Credentials for discovery
OT Discovery Schedule Setup
Discovery IP Ranges for OT Assets
MID Server IP Ranges
Pattern updates for population of Firmware Version
Probe Updates:
MID Server MIB File
SNMP Fields
SNMP OID Classification
Sensor Updates
SNMP Classification
OTAM Import of OT Assets
Import of OTAM related OT Assets using Excel SG Connector which comes with the Operational Technology License.
Additional Transform map to import custom related fields
Verve SG Connector
Import of Verve related OT Assets using the New Verve SG Connector.
Only Medium Assets to be imported
Only pull information from Union and Sabine Sites
BCSI Protection
Protected by installed Licenced products ACLS.
Manufacturing Process Manager
Operational Technology Manager
Discovery for Operational Technology
All required custom fields added to protected table OT Asset Details[cmdb_ot_entity].
Reporting
Setup of reports on ServiceNow OT Asset data to support the following Audit request tool reports:
BES Assets
Cyber Assets (Medium and High)
Cyber Assets (Low)
ESP Report
PSP Report
CIP 10 Baseline Report
OT CMDB Health Dashboard
Completeness report
Staleness Report
Report on Assets missing firmware
Functional Groups Report
Functional Groups
1. Knowledge Base: Operational Technology (OT) – Restricted to OT Users
Category: Functional Groups
Multiple Articles – 1 for each of Tripwire functional groups approved ports
Category: Change Management
CIP 005/007 Assessment Guide
2. Functional group files sent from Tripwire to 2 data sources to update Functional Group Data and associate to OT CI’s
Data Source: Load Functional Group Articles
Reads file containing list of functional groups and approved ports
Groups by Functional Group and adds new or updates to new version for Functional Group Knowledge Articles
Data Source: Functional Groups to CI Records
Reads file containing Functional Groups relationship to CI’s
Adds relationship to the m2m_kb_ci table so that the Functional group will show on the CI related list.
3. Import Schedules Setup to load data everyday at 6am, 8am, 10am, 12PM, 2PM, 4PM & 6PM daily
Schedules: Functional Groups add/Update Import 1 - 7
Remove previous file
Process the data in the new file via the data source and transform map.
These will run on the hour each hour
Schedules: Map Functional Groups to CI's 1 – 7
Remove previous file
Process data in the new file via the data source and transform map
These will run at 10 minutes past the hour each hour
The company had other teams/vendors developing on some of the same applications (ie. Change Management, Request Management). To avoid conflicts GlideFast scheduled weekly meetings with all project teams to create visibility into upcoming work.
ServiceNow Clones/Upgrades impact to Schedule was identified as a risk to the project timeline. To mitigate this GlideFast raised awareness with all three project teams and requested advance notice and coordination
Additional workshops were required due to a delay in data readiness for integrations.
The customer had concerns for using the Verve SG Connector initially but through discussions between Verve, GlideFast and company we were able to address these concerns The final decision was made in Sprint 8 of 12 to integrate with Verve using the Verve SG Connector for integrations. The flexibility of this Connector meant we were still able to complete sprints on-time and accommodate only pulling data from specific sites.
The GlideFast team worked side-by-side with the company's team for a speedy and successful implementation.
2000+ OT Assets were added to the OT-CMDB consisting of:
Manually Imported assets from OTAM to maintain this data in ServiceNow going forward
Integrated Verve Assets from 2 Sites
OT Discovery configuration
2000 Sites were added using the Manufacturing Process Manager Equipment Model and mapped to OT Assets.