Critical Infrastructure Protection Committee Minutes June 11-12, 2013

Transcription

1 Critical Infrastructure Protection Committee Minutes June 11-12, 2013 Westin Buckhead Atlanta, Georgia The Critical Infrastructure Protection Committee (CIPC) Chair Chuck Abell called the meeting to order and being duly noticed the regular meeting of the CIPC on June 11, 2013 at 1:02 p.m. EDT. CIPC Secretary, Mr. Bob Canada declared a quorum to conduct business with 29 members present. The meeting announcement, agenda, and a list of attendees are attached as Exhibits A, B, and C respectively. Secretary Canada announced a quorum of 29 members present which includes the following proxies: 1. NPCC Mr. Brian Hogue proxy for Mr. Mike Puscas 2. SPP Mr. Eric Ervin proxy for Mr. Allen Klassen 3. NRECA Mr. Brad Hyland proxy for Mr. Robert Richhart 4. FRCC Mr. Joe Garmon proxy for Mr. Darren Myers 5. APPA Mr. Scott Smith proxy for Mr. David Godfrey 6. RFC Mr. Frank Dessuit proxy for Mr. Larry Bugh 7. TRE Mr. Scott Rosenberger proxy for Mr. Darrel Klimitchek (June 12th only) NERC Antitrust Compliance Guidelines Secretary Canada called attention to the NERC Antitrust Compliance Guidelines distributed with the agenda and read the statement concerning publicly announced meetings. Secretary Canada also stated that the meeting would follow Robert s Rules of Order. CIPC Meeting Safety Briefing Westin hotel security staff briefed CIPC and attendees on evacuation procedures and rally points outside the hotel. Introductions of Members, Proxies, Alternates, Associates, and Others Chair Abell called for introductions of members of the CIPC and other attendees, and requested all present to sign the attendance sheets for the meeting. Review of Agenda Chair Abell reviewed the meeting agenda with the CIPC members and asked if there were any additions or changes. He noted the agenda items and presentations might need to be presented or discussed out of

2 the stated sequence, due to the speakers commitments and travel arrangements. Note: Presentation slides from this meeting are available at: Meeting Presentations Consent Agenda Chair Abell made a motion to approve the consent agenda which included the posted agenda and minutes for the meeting on March 5-6, Upon motion by Mr. Carl Eng, the consent agenda was approved by CIPC without any changes. Chair s Report Chair Abell provided CIPC with his report, covering CIPC s past, present, and future actions. Chair Abell placed special emphasis upon the reports made on behalf of CIPC to the NERC Board of Trustees, Electricity Sub-Sector Coordinating Council (ESCC) meeting, and the Standing Committee Coordination Group (SCCG). (Presentation 1) CIPC Strategic Plan and Work Plan Chair Abell offered the document for discussion and CIPC approval. Upon motion by Mr. Eng, the document was approved by CIPC. CIPC Charter Chair Abell advised the charter is still under review by NERC s legal department, since December 2012, for a review alongside the Operating and Planning Committee charters to seek more consistency across the committees. CIPC Nomination Subcommittee Chair Abell, per CIPC charter, appointed Mr. Eng to chair this subcommittee. The subcommittee is charged with developing and recommending a slate of officers to CIPC. Critical Infrastructure Protection Director s Remarks Mr. Matt Blizard, Director of Critical Infrastructure Protection discussed the following topics: Electricity Sub-sector Coordination Council (ESCC), Electricity Sector Information Sharing and Analysis Center (ES- ISAC), Critical Infrastructure Protection (CIP) Business Plan and Budget, GridEx II, 2013 Grid Security Conference (GridSecCon), CIP Reliability Issues Steering Committee (RISC), Cybersecurity Executive Order Update, Critical Infrastructure Protection Transition Guidance, Upcoming August Board of Trustees meeting reports from Working Groups (WGs) and Task Forces (TFs), CIPC Strategic Plan, and finally the significant progress of CIPC. (Presentation 2) PG&E Substation Shooting Briefing Mr. Michael Peterson, PG&E Corporate Security briefed on the incident response and investigative details of the incident on April 16, (Presentation not to be shared at this time due to ongoing investigation) Overview of Cybersecurity Executive Order Ms. Laura Brown, NERC Staff briefed on the ongoing efforts to meet the challenges of information sharing with private sector and government as well as the National Institute of Standards and

3 Technology (NIST) with the task of creating a cybersecurity practice framework, in collaboration with industry that will be used to reduce threats. Washington D.C. Update Ms. Melanie Seador, Edison Electric Institute briefed CIPC on current legislative initiatives and status of their process through U.S. House or Senate procedures. She also briefed on the Markey/Waxman Report. (Presentation 3) Reliability Issues Steering Committee (RISC) Update Mr. Jim Brenton, CIPC designee to the RISC briefed on the mission, and purpose, benefits to the standards program progress and an update of the nominated issues of strategic importance to the bulk power system reliability. (Presentation 4) Subcommittee Chairs, Subgroups, and Remarks Chair Abell reminded the CIPC of the new subcommittees, WGs and TFs, the deliverables of the CIPC Strategic Plan, expectations of progress and solicited members for all subgroups. (No presentation) Operating Security Subcommittee Chair Mr. Carl Eng Electricity Sector Information Sharing Task Force (ESISTF) Mr. Eng briefed CIPC on behalf of Chair, Stephen Diebold. The presentation centered on the procedures, protocols, and requirements which can be quite confusing and duplicative in some instances. A diagram was shown depicting the present reporting structure in place and a preliminary alternative proposal structure utilizing the ES-ISAC as the gatekeeper to receive all information and then pushing it out to government and industry. Specific mention was made of the ES-ISAC to develop a central reporting of the DOE 417 through the ES-ISAC portal. Upon motion of Mr. Eng, the ESISTF report was approved by CIPC. (Presentation 5) Grid Exercise Working Group (GEWG) Mr. Bill Lawrence, NERC Staff briefed CIPC on the progress of planning the conference, timelines, objectives, distributed play and executive tabletop, play scenario, as well the number of entities participating in the exercise. (Presentation 6) The CIPC Meeting on June 11 th was concluded for the day at 5:02 p.m. (EDT) and was reconvened on June 12 th at 8:02 a.m. (EDT) Policy Subcommittee Chair Mr. Nathan Mitchell (No Presentation) Personnel Security Clearance Task Force (PSCTF) Chair Mr. Mitchell briefed on the draft report offered to CIPC discussion and approval. A summary of the report was briefed which included key points of the report such as the report supporting NERC s CEO Top Priority Issue - Goal 7 and CIPC Charter Section 3, findings that the industry could provide timely and subject matter expertise to

4 government in a collaborative classified space and a framework to provide a consistent process to select nominees for clearances. Upon motion by Mr. Mitchell, the report was approved by CIPC. (Presentation 7) Bulk Electric System Security Metrics Working Group (BESSMWG) Chair Mr. James Sample briefed on the progress of the draft report. The development of the Security Metric Framework (SMF) for measures and trends for lagging and leading indicators were included in the draft report. The collaboration with Department of Energy, NERC Event Analysis, and ES-ISAC; it will be important to understand the mandatory, voluntary reporting by the industry, and develop a vision for soliciting industry reporting of voluntary leading indicators. A CIPC discussion included questions on leading and lagging indicators. Support for the BESSMWG was voiced by several CIPC members. Upon motion by Chair Abell, there was a request for CIPC endorsement of the BESSMWG direction (Presentation 8) and the Draft BESSMWG report; both were endorsed by CIPC vote. (Presentation 9) Compliance and Enforcement Input Working Group (CEIWG) Chair Mr. Paul Crist gave a progress report on the working group, covered new volunteers, future work including; guidelines and process for Compliance Analysis Report (CAR) development, Reliability Assurance Initiative Support, and virtualization whitepaper review. (Presentation 10) Cyber Security Subcommittee Chair Mr. Marc Child (No presentation) Mr. Child gave an overview of the Cyber Security Subcommittee activities to include: latest activities, next steps, and CIPC actions. Cyber Attack Tree Task Force (CATTF) Chair Mr. Mark Engels gave an update on the activities which included Amenza SecurIT Attack Tree training conducted, location of the attack trees, documentation of roles and responsibilities, continuing to update the trees, standing up sub-teams. (Presentation 11) Cyber Security Analysis Working Group (CSAWG) Chair Mr. Eric Warakomski gave an update on the latest activities, existing liaisons with the ES-ISAC, CSTWG, and Events Analysis Subcommittee. (Presentation 12) ES-ISAC Update Mr. Ben Miller, ES-ISAC Staff briefed CIPC on the importance of information sharing and endorsed the reports by the PSCTF report and the ESITF report presented to CIPC. (No presentation) Physical Security Subcommittee Chair Mr. David Grubbs (No Presentation) Electricity Sub-Sector Physical Response Guideline Task Force Chair Mr. John Breckenridge briefed on the draft of the Security Guideline for the Electric Sub-Sector: Physical Response and explained the background information and usefulness of the draft document which will go out to CIPC for a 30-day comment period. (Presentation 13)

5 Physical Security Analysis Working Group (PSAWG) Chair Mr. Ross Johnson briefed CIPC on the proposed changes to the PSAWG charter to form the Physical Security Working Group (PSWG). Mr. Johnson contemplated activities such as: conducting research, recommending activities to improve the security of the Bulk Electric System facilities, establish a forum for industry to share physical security challenges, threat management techniques through a collaborative process using teleconferences, and the ES-ISAC developing a portal for the sharing of timely information that is mindful of regulatory implications for entities. Upon motion, Mr. David Grubbs accepted the changes to the PSAWG charter which changed it to the PSWG; and CIPC approved. (Presentation 14) Security Training Working Group (STWG) Chair Mr. William Whitney briefed CIPC on the newly combined working groups to include both physical and cyber security training. The latest activities include: conferences every 2 nd Friday of the month, setting up a ES-ISAC portal for collaboration, compiling a list of free on-demand training from agencies and vendors, assisting in developing training subject matter for CIPC Workshops, and solicited new members. (Presentation 15) Cybersecurity Procurement Language Update for Energy Delivery Systems Mr. Ed Goff, Duke Energy briefed CIPC on promoting cybersecurity by design through procurement language, tailored to the specific needs of the energy sector; why it is necessary, phases for development, timeline, and meeting the Department of Energy roadmap mission. (Presentation 16) 2013 Grid Security Conference (GridSecCon) Mr. Lawrence briefed on the planning stages, trainings being offered, and schedule of the conference. (Presentation 17) Cyber Security Standards Update Mr. Scott Mix, NERC Staff briefed on Version 5 Notice of Proposed Rulemaking (NOPR) response from NERC and the Interpretation Drafting Team activities. (No Presentation) Sufficiency Review Program (SRP) Mr. Mix briefed on SRP 2012 overview, general Risk Based Assessment Methodology (RBAM) observations, criteria-specific observations, critical cyber asset observations, and discussed possible program activities for (Presentation 18) CIP Compliance Update Mr. Tobias Whitney, NERC Staff briefed on the CIP Standards Transition Process. Agency Updates Federal Energy Regulatory Commission Mr. David Norton

6 Future Meetings 2013 Meeting Dates Time Type Location Hotel September 17 September 17 September 18 October November December 10 December 10 December 11 March 2014 March 2014 March :30 a.m. Noon (MDT) 1:00 5:00 p.m. (MDT) 8:00 a.m. Noon (MDT) 8:00 a.m. 5:00 p.m. (EST) CIPC Physical Security Workshop CIPC Meeting CIPC Meeting Denver, CO Denver, CO Denver, CO Hyatt Denver Tech Center Hyatt Denver Tech Center Hyatt Denver Tech Center 2013 GridSecCon TBD TBD TBD GridEx II Remote Participation NA 7:30 a.m. Noon (EST) 1:00 5:00 p.m. (EST) 8:00 a.m. Noon (EST) Department of Homeland Security Classified Briefing (Tentative) Atlanta, GA TBD CIPC Meeting Atlanta, GA Westin Buckhead Atlanta CIPC Meeting Atlanta, GA Westin Buckhead Atlanta 7:30 a.m. Noon CIPC Workshop TBD 1:00 5:00 p.m. CIPC Meeting 8:00 a.m. Noon CIPC Meeting TBD TBD TBD TBD TBD Adjournment There being no further business and upon motion to adjourn by Mr. Jim Brenton, CIPC adjourned at 12:06 p.m. EDT. Submitted by, R.D. Canada Bob Canada CIPC Secretary

7

8 Agenda Critical Infrastructure Protection Committee June 11, :00 5:00 p.m. (EDT) June 12, :00 a.m. Noon (EDT) Westin Buckhead Atlanta Hotel 3391 Peachtree Road N.E. Atlanta, GA Cyber Security Training Workshop June 11, :30 a.m. Noon (EDT) NERC Headquarters Office 3353 Peachtree Road, 6th Floor Suite 600, North Tower Atlanta, GA Room: Multi-Purpose Room Critical Infrastructure Protection Committee Meeting Westin Buckhead Atlanta Hotel CIPC Working Lunch: Pre-function Area A/B June 11, 2013 Noon 1:00 p.m. (EDT) June 11, :00 5:00 p.m. (EDT) June 12, :00 a.m. Noon (EDT) Room: Ballroom B Welcome and Introductions CIPC Chair, Chuck Abell NERC Antitrust Compliance Guidelines and Public Meeting Announcement* Agenda 1. Administrative CIPC Secretary, Bob Canada a. Arrangement Safety Briefing and Emergency Precautions b. Announcement of Quorum of Voting Members c. CIPC Roster Page 13 d. Parliamentary Procedures In the absence of specific provisions in this manual, all committee meetings shall be conducted in accordance with the most recent edition of Robert s Rules of Order in all cases to which they are applicable. 2. Consent Agenda Chair Abell

9 a. Draft Minutes for Approval - CIPC March 5-6, 2013 b. Committee Membership Appointments and Changes: TRE Jim Brenton ERCOT Cyber TRE David Grubbs City of Garland Operations TRE Darrell Klimitcheck STEC Physical FRCC Paul McClay TECO Cyber FRCC Carter Manucy Fla Municipal Physical FRCC Darren Myers Progress Operations MRO Marc Child Great River Cyber MRO Paul Crist LES Physical MRO Rick Liljegren MN Power Operations NPCC Mike Puscas NU Operations NPCC Greg Goodrich NYISO Cyber NPCC Benoit Tardif HQ Physical RFC Larry Bugh RFC Cyber RFC Kent Kujala Detroit Operations RFC Jeff Fuller DPL Physical SERC Chuck Abell Ameren Cyber SERC Carl Eng Dominion Operations SERC Tommy Clark SMEPA Physical SPP John Breckenridge KCPL Physical SPP Allen Klassen Westar Operations SPP Robert McClanahan AECC Cyber WECC Scott Bordenkircher APS Physical WECC Mike Mertz PNM Cyber WECC Jamey Sample PGE Operations APPA David Godfrey TMPA Physical APPA Nathan Mitchell APPA Policy CEA Chris McColm Manitoba Physical CEA Ross Johnson Capital Power Physical CEA David Dunn* IESO Policy NRECA Robert Richhart Hoosier Policy NRECA David Revill Georgia Trans Policy *Designates new appointment 3. Chair s Remarks CIPC Chair Abell a. Reports Recent NERC Meetings b. CIPC Strategic Plan and Work Plan Status *Draft for Discussion and Approval by CIPC c. CIPC Charter Update Under Review by NERC Legal Counsel 4. Remarks Matt Blizard, NERC Director of Critical Infrastructure Protection 5. Overview of Cybersecurity Executive Order Laura Brown, NERC Staff 6. Washington, D.C. Update Melanie Seader, Edison Electric Institute a. Legislative Update * Items for CIPC Vote Critical Infrastructure Protection Committee Agenda June 11-12,

10 b. Markey / Waxman Report 7. Reliability Issues Steering Committee Update Jim Brenton, Reliability Issues Steering Committee (RISC) member 8. Subcommittee Chairs, Subgroups, Progress, and Remarks Chair Abell 9. Operating Security Subcommittee Subcommittee Chair Carl Eng Electricity Sector Information Sharing Task Force Carl Eng on behalf of Chair, Stephen Diebold ESISTF Charter *Draft Report Offered for CIPC Discussion and Approval Grid Exercise Working Group Chair Tim Conway GEWG Charter *Report on Progress and Work Completed and Contemplated *Report of GridEx II Activities Bill Lawrence, NERC Staff 10. Policy Subcommittee Subcommittee Chair Nathan Mitchell Personnel Security Clearance Task Force Chair Mitchell PSCTF Charter *Draft Report Offered for CIPC Discussion and Approval Bulk Electric System Security Metrics Working Group Chair James Sample BESSMWG Charter *Draft Report Offered for CIPC Discussion and Approval *Report on Progress and CIPC Endorsement of WG Direction Compliance Enforcement and Input Working Group Chair Paul Crist CEIWG Charter *Report on Progress of Work Completed and Contemplated 11. Cybersecurity Subcommittee Subcommittee Chair Marc Child Cyber Attack Task Force Chair Mark Engels CATF Charter *Report on Progress of Work Completed and Contemplated Cyber Security Analysis Working Group Chair Eric Warakomski CSAWG Charter *Report on Progress of Work Completed and Contemplated * Items for CIPC Vote Critical Infrastructure Protection Committee Agenda June 11-12,

11 12. Physical Security Subcommittee Subcommittee Chair David Grubbs Electricity Sector: Physical Response Guideline Task Force Chair John Breckenridge PSGTF Charter *Draft Security Guideline for the Electricity Sub-Sector: Physical Security Response *Request for CIPC Endorsement and CIPC Comments Physical Security Analysis Working Group Chair Ross Johnson PSAWG Charter *Report on Progress of Work Completed and Contemplated Physical Security Working Group Charter *New WG and Charter for CIPC Approval Security Training Working Group Chair William Whitney III STWG Charter *New Charter Offered for CIPC Approval *Report on Progress of Work Completed and Contemplated 13. Cybersecurity Procurement Language Update for Energy Delivery Systems Ed Goff, Duke Grid Security Conference Update Bill Lawrence, NERC Staff 15. ES-ISAC Update Ben Miller, NERC Staff 16. Cyber Security Standards Update Steve Noess, NERC Staff a. Version 5 Update b. Interpretation Team 17. CIP Compliance Update Tobias Whitney, NERC Staff a. Transition Update b. FERC Notice of Proposed Rulemaking (NOPR) c. FERC Remands and Impact on Compliance Monitoring 18. Sufficiency Review Program Scott Mix, NERC Staff 19. Agency Updates a. Federal Energy Regulatory Commission b. Department of Homeland Security c. Department of Energy * Items for CIPC Vote Critical Infrastructure Protection Committee Agenda June 11-12,

12 20. CIPC Meetings, Workshops, and Training Schedule for 2013: 2013 Meeting Dates September 17 Time Type Location Hotel 7:30 a.m. Noon (MST) CIPC Physical Security Workshop Denver, CO September 17 1:00 5:00 p.m. (MST) CIPC Meeting Denver, CO September 18 8:00 a.m. Noon (MST) CIPC Meeting Denver, CO October October 17 8:30 a.m. 6:00p.m. (EDT) 8:30 a.m. 5:00 p.m. (EDT) 8:00 a.m. 5:00 p.m.(edt) November TBD GridEx II GridSecCon 2013 Security Training in Conjunction with GridSecCon Jacksonville, FL Jacksonville, FL Remote Participation Hyatt Denver Tech Center Hyatt Denver Tech Center Hyatt Denver Tech Center Jacksonville Hyatt Riverfront Jacksonville Hyatt Riverfront December 10 7:30 a.m. Noon (EDT) DHS Classified Briefing Atlanta, GA NA December 10 1:00 5:00 p.m. (EDT) CIPC Meeting Atlanta, GA December 11 8:00 a.m. Noon (EDT) CIPC Meeting Atlanta, GA NA Westin Buckhead Atlanta Westin Buckhead Atlanta Closing Items 21. Follow-up Items and Future Actions Chair Abell 22. Meeting Adjournment * Items for CIPC Vote Critical Infrastructure Protection Committee Agenda June 11-12,

13

14

15

16

17

18

19

20

21

22

23

24

25

26