SECTION: 25 05 11 CYBERSECURITY FOR FACILITY RELATED CONTROL SYSTEMS (FACS)
System Owner Requirements:
- The FACS (Fire Alarm Control System) is a Facility contained system with the purpose of fire and smoke detection, alerting building occupants,
and triggering the Fire Alarm Reporting System (FARS) to begin the reporting processes during emergencies or system tests within a building.
FACS consists of fire alarm control panel with sensors and alarm devices, and annunciators. The FACS can assign addresses for fire alarm sensors
and devices and provide sensor status updates through regular queries. The FACS is a separate system from the FARS.
The FACS fulfills required fire protection in AR 420-1, Chapter 25-32 and is funded by DPW.
- If any part of the FACS will require an I.P. address or an I.P. addressable component or device, contact JBLM DPW Cybersecurity (RMF) Team at usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil.
- If NO part of the FACS is communicating using an IP address, no UFGS 25 05 11 for FIRE ALARM CONTROL SYSTEM (FACS) is required.
- All other requirements can be found in SECTION: 28 31 76 INTERIOR FIRE ALARM AND MASS NOTIFICATION SYSTEM and SECTION: 28 31 74 INTERIOR FIRE DETECTION AND ALARM SYSTEM
| UFGS 25 05 11 CYBERSECURITY FOR FACILITY RELATED CONTROL SYSTEMS (FRCS) - JBLM Design Standards - Criteria for: FACS JBLM (APMS FOR ITAS ONLY - NO eMASS RECORD) |
| |
| System Name: |
FIRE ALARM CONTROL SYSTEM (FACS) JBLM |
| System Description: |
FACS (Fire Alarm Control System) is a facility contained system. The IT portion of the FACS is the Fire alarm control panel (FACP). The system is comprised of sensors and manual activation pull stations for detection, fire alarm control panel, alarms, containment (release magnets on fire doors etc...), and suppression (if present). When a sensor or manual activation is triggered it sends a signal to the FACP. The FACP processes the signal and activates the annunciators, alarms, containment, suppression and transmits a signal to the DES funded Fire Alarm Reporting System (FARS). The FACS can be non-addressable and addressable assign addresses/locations for fire alarm sensors and devices and provide sensor status updates using electrical pulse. The Fire alarm control system fulfills required fire protection in AR 420-1, Chapter 25-32. There are no direct users of the system in a traditional (Cyber) sense, its purpose is to alert building residents to a potential fire condition and send that status to the FARS system (Monico) for reporting to emergency services dispatch.
FACS data flow diagrams show what outputs are sent to the FARS system.
FACS enables Joint Base Lewis-McChord Directorate of Public Works the ability to comply with required facility fire protection in AR 420-1, Chapter 25-32.
FACS physical security controls are met by installing IT components in lockboxes within dedicated electrical rooms accessible to maintenance personnel independent of the building occupants.
|
| System Owner Point of Contact (POC): |
JBLM DPW Cybersecurity (RMF) Team |
| System Owner Email: |
usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil |
| Authorizing Official (AO): |
Army Material Command (AMC) DCS CIO/G6 - SES (AMC-AO) |
| System C-I-A Rating: |
LOW - LOW - LOW |
| System Owner Remarks: |
System does not have an eMASS record on JBLM and there is no approval for "I.P. Addressable" devices installed for the purpose of FACS. If an I.P. Addressable component is required, UFGS 25 05 11 will be required with the below criteria. Otherwise, UFGS 25 05 11 is not require solely for the FACS JBLM System. (Does not include FARS which is a DES managed system) |
| |
|
| Tailoring Options: |
ARMY
DEFAULT REQUIREMENTS
DESIGNER SPECIFIED REQUIREMENTS
FIRE PROTECTION
LOW IMPACT
USACE CW |
| |
|
| Changes or Criteria Notes to Unified Facilities Guide Specifications (UFGS) |
| Paragraph # and Title (if any) |
Note to Designer |
Change Text |
| 1.1 CONTROL SYSTEM APPLICABILITY |
Add text - Registered System Name: FACS JBLM
ONLY APPLICABLE IF NEW OT COMPONENTS REQUIRE eMASS RECORD (I.P. Addressable)
Contact: usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil - Non-I.P. options must be exhausted.
|
There are multiple versions of this Section associated with this project.
Different versions have requirements applicable to different control
systems. This specific Section applies only to the following control
systems: FACS JBLM. |
| 1.2 RELATED REQUIREMENTS |
Add Text |
This section does not contain sufficient requirements to procure a control system and must be used in conjunction with other Sections which specify other Fire Detection, Alarm, and Suppression (if equipped) requirements. This Section adds cybersecurity requirements to the FACS JBLM specified in other Sections, and as these requirements are conditioned on the control system being provided, there may be requirements in this Section that will not apply to this project. All Sections containing facility-related control systems or control system components are related to the requirements of this Section. Review all specification sections to determine related requirements.
In cases where a requirement is specified in both this Section and in another Section, the more stringent requirement must be met. In cases where a requirement in this Section conflicts with the requirements of another Section such that both requirements cannot be met at the same time, request direction from the USArmy JBLM ID-Pacific DPW Neo RMF Team to determine which requirement applies to the project. |
| 1.5.1 Points of Contact |
Add Text |
...Contracting Officer (KO) and the System Owner (SO).
...
g. System Owner (SO) Point of Contact: usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil |
| 1.5.2 Coordination |
Add Text |
...
k. Cybersecurity Request for Information (RFI) and submittal review/approval requests must be sent to the System Owner (SO) of UMCS JBLM eID 5090 in coordination with the Contracting Officer (KO). |
| 1.6 SUBMITTALS |
Add Text - Info for designer consideration |
In addition to the Contracting Officer (KO), Submittals must also be reviewed by the System Owner of the system as they are required to update system records as required by ARCYBER, NETCOM, AMC, and IMCOM HQ for processes related to achieving a system Authorization To Operate (ATO) or Information Technology Approval System (ITAS) funding approvals. |
| 1.7 CYBERSECURITY DOCUMENTATION |
Information Only |
See section 3.2 "Construction Deliverable Requirement" of the JBLM Design Standards < https://www.jblmdesignstandards.army.mil/25-05-11-Cybersecurity-For-Facility-Related-Control-Systems/ >. FACS JBLM will use the "NEW" criteria IF IP ADDRESSABLE COMPONENTS OTHER THAN FARS IS ADDED. |
| 1.7.5 Software and Configuration Backups |
Add Text |
...Software includes firmware for all IP-Addressable devices. |
| 1.8 QUALITY CONTROL |
Add Text |
Cybersecurity Kickoff Meeting
Within 60 calendar days after contract award, the Cybersecurity Subject
Matter Expert must schedule a Cybersecurity Kickoff Meeting with the
Contracting Officer, System Owner, System Program Manager, and Information
Security Manager (ISSM/ISO/ISSO).
|