SECTION: 25 05 11 CYBERSECURITY FOR FACILITY RELATED CONTROL SYSTEMS (RKECS)

System Owner Requirements:

  1. Cybersecurity requirements for SECTION: 08 71 00 DOOR HARDWARE. If Electronic Locks are included, and are to be part of the RKECS JBLM system record, they must not use a network connection of any kind.
  2. If Electronic Locks meet the RKECS JBLM criteria, the "UFGS 25 05 11 Cybersecurity for Facility Related Control Systems (FRCS) - JBLM Design Standards - Criteria for: RKECS JBLM eID 5093" may be utilized.
  3. A list of lock MAKE and MODEL must be checked against the RKECS JBLM eMASS record, if the MAKE and MODEL is not included, GOV will add it to the hardware list on the eMASS record upon receiving final submittals.
  4. Laptops and Desktops require STIGs. Additional guidance will be provided upon request. usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil
  5. Laptops and Desktops can be imaged by the GOV with pre-STIG'd images. Contractor must provide hardware to DPW Helpdesk (usarmy.jblm.id-pacific.list.dpw-help-desk@army.mil) for system hardening. This will eliminate the requirement of the Operating System STIG.
  6. If Electronic Locks are part of a network, then the electronic locks system will not use the RKECS JBLM eID 5093 system record and will require all UFGS 25 05 11 submittals be provided to the gaining organization to achieve a system ATO.

 

UFGS 25 05 11 CYBERSECURITY FOR FACILITY RELATED CONTROL SYSTEMS (FRCS) - JBLM Design Standards - Criteria for: RKECS JBLM eID 5093

 

System Name:

RKECS JBLM - JOINT BASE LEWIS-MCCHORD RESIDENTIAL KEYLESS ENTRY CONTOL SYSTEM

System Description:

Residential Keyless Entry Control Systems (RKECS) is utilized to electronically secure physical access at Joint Base Lewis-McChord (JBLM) to exterior and interior doors, gates, and lockboxes. These are isolated door locks that do not communicate with any domains or have access to the internet. Typical configurations consist of a Windows standalone laptop that connects directly with the digital door lock via Universal Serial Bus (USB) for programming, maintenance, and data auditing. The connection from laptop to door lock is only during the duration of the maintenance being performed. Software is provided by the vendor. Hardware includes door locking mechanisms and lock boxes to padlock keys or chains.

System Owner Point of Contact (POC):

JBLM DPW Cybersecurity (RMF) Team

System Owner Email:

usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil

Authorizing Official (AO):

Army Material Command (AMC) DCS CIO/G6 - SES (AMC-AO)

System C-I-A Rating:

Moderate - Moderate - Low

System Owner Remarks:

 For RFIs, contact System Owner Email, with the Contracting Officer CC'd who can verify the requestor's need. System Specs are "Need-to-Know" and are controlled as such.

 

 

Tailoring Options:

ARMY
DEFAULT REQUIREMENTS
DESIGNER SPECIFIED REQUIREMENTS
MODERATE IMPACT
USACE CW

 

Changes or Criteria Notes to Unified Facilities Guide Specifications (UFGS)  

Paragraph # and Title (if any)

Note to Designer

Change Text

1.1 CONTROL SYSTEM APPLICABILITY

Add text - Systems Army Registered Name (acronym)

There are multiple versions of this Section associated with this project.
Different versions have requirements applicable to different control
systems. This specific Section applies only to the following control
systems: RKECS JBLM eID 5093.

1.2 RELATED REQUIREMENTS

Add Text

This section does not contain sufficient requirements to procure a control system and must be used in conjunction with SECTION: 08 71 00 DOOR HARDWARE which specify other requirements. This Section adds cybersecurity requirements to the RKECS JBLM eID 5093 control system specified in other Sections (i.e. Keypad lock, electronic lock, keyless lock, etc.), and as these requirements are conditioned on the control system being provided, there may be requirements in this Section that will not apply to this project.  All Sections containing facility-related control systems or control system components are related to the requirements of this Section.  Review all specification sections to determine related requirements.

In cases where a requirement is specified in both this Section and in another Section, the more stringent requirement must be met.  In cases where a requirement in this Section conflicts with the requirements of another Section such that both requirements cannot be met at the same time, request direction from the USArmy JBLM ID-Pacific DPW Neo RMF Team to determine which requirement applies to the project.

1.5.1 Points of Contact

Add Text

...Contracting Officer (KO) and the System Owner (SO).
...
g. System Owner (SO) Point of Contact: usarmy.jblm.id-pacific.list.dpw-neo-rmf@army.mil

1.5.2 Coordination 

Add Text

...
k. Cybersecurity Request for Information (RFI) and submittal review/approval requests must be sent to the System Owner (SO) of RKECS JBLM eID 5093 in coordination with the Contracting Officer (KO).

1.6 SUBMITTALS

Add Text - Info for designer consideration

In addition to the Contracting Officer (KO), Submittals must also be reviewed by the System Owner of the system as they are required to update system records as required by ARCYBER, NETCOM, AMC, and IMCOM HQ for processes related to achieving a system Authorization To Operate (ATO) or Information Technology Approval System (ITAS) funding approvals.

1.7 CYBERSECURITY DOCUMENTATION

Information Only

See section 3.2 "Construction Deliverable Requirement" of the JBLM Design Standards < https://www.jblmdesignstandards.army.mil/25-05-11-Cybersecurity-For-Facility-Related-Control-Systems/ >. RKECS JBLM eID 5093 will use the "Existing" criteria.

1.7.5 Software and Configuration Backups

Add Text

...Software includes firmware for all IP-Addressable devices.

1.8 QUALITY CONTROL

Add Text


Cybersecurity Kickoff Meeting

Within 60 calendar days after contract award, the Cybersecurity Subject
Matter Expert must schedule a Cybersecurity Kickoff Meeting with the
Contracting Officer, System Owner, System Program Manager, and Information
Security Manager (ISSM/ISO/ISSO).