Standards Development Update

Transcription

1 Standards Development Update Steven Noess, Director of Standards Development FRCC Reliability Performance Industry Outreach Workshop September 20, 2017 Supply Chain Risk Management 1

2 Cyber Security Supply Chain Standard Background FERC issued Order No. 829 on July 21, 2016 Standard must be filed by September 2017 Status Final ballot ended July 20, 2017 o CIP % o CIP % o CIP % NERC Board of Trustees o Solicited Policy Input July 2017 o Adopted by Board of Trustees at August 2017 meeting o Concurrently adopted six supporting and related resolutions FERC filing deadline of September 27, Focus High and medium impact BES Cyber Systems No requirements for low impact BES Cyber Systems NERC committed to addressing risks appropriately Identify best practices Develop guidance resources Support common understanding of compliance obligations 4 2

3 Policy Input How should NERC support effective implementation? How should NERC evaluate effectiveness of the standards going forward? What risks and related issues should NERC study, including risks related to low impact BES Cyber Systems not covered by the standards? Are there actions NERC should take to address additional potential supply chain risks? 5 Policy Input Themes Additional implementation guidance and time for implementation Communication through webinars and post lessons Vendors must be included Consistent audit guidelines Establish expert group for feedback on success Engage Critical Infrastructure Protection Committee (CIPC) Allow implementation time prior to evaluation Use E ISAC to track incidents Participate in cross industry forums 6 3

4 Board Resolution 1 Support Effective and Efficient Implementation: NERC to commence preparations for implementation of the Supply Chain Standards using similar methods during the CIP V5 transition, and regularly report to the Board on those activities. 7 Board Resolution 2 Cyber Security Supply Chain Risk Study: Study the nature and complexity of cyber security supply chain risks, including risks associated with low impact assets not currently subject to the Supply Chain Standards, and develop recommendations for follow up actions that will best address any issues identified. (Interim report 12 months after adoption of the resolutions and a follow up final report 18 months after adoption). 8 4

5 Board Resolution 3 Communicate Supply Chain Risks to Industry: Communicate supply chain risk developments and risks to industry and in connection with the Cyber Security Supply Chain Risk Study. 9 Board Resolutions 4 and 5 Forum White Papers: The Board requests the North American Transmission Forum and the North American Generation Forum (the Forums ) to develop (and distribute, as permissible) white papers to address best and leading practices in supply chain management, as described in the resolution. Association White Papers: The Board requests the National Rural Electric Cooperative Association and the American Public Power Association (the Associations ) to develop (and distribute, as permissible) white papers to address best and leading practices in supply chain management, as described in the resolution. 10 5

6 Board Resolution 6 Evaluate Effectiveness: Collaborating with NERC technical committees and other experts, evaluate the effectiveness of the Supply Chain Standards, as described in the resolution, and report to the Board. 11 Activities in Support Industry advisory group to support deployment ERO Enterprise auditor training Industry webinars and workshops Vendor outreach on controls Engage CIPC Form vendor/industry working groups on supply chain risks Review supply chain risk practices in other industries and communicate effective strategies Ensure BES supply chain risks are addressed by product manufacturing standards Provide latest government intelligence to industry Enlist national laboratories to test legacy systems 12 6

7 13 Technical Rationale Guidelines and Technical Basis 7

8 Background of Guidelines and Technical Basis Initially designed to support results based standards Contained an information only disclaimer Incorporated into standard development template Disclaimer paragraph was omitted Initiatives since inception Reliability Standard Audit Worksheets (RSAW) Risk based Compliance Monitoring and Enforcement Program (CMEP) Compliance Guidance Confusion around application and status, in conjunction with new initiatives 15 Purpose Provides drafting teams a mechanism to: Explain the technical basis for Reliability Standard Provide technical guidance to help support effective application To further clarify Guidelines and Technical Basis NERC staff and Standards Committee (SC) leadership coordinate Captured in Task 3 in SC Strategic Plan 16 8

9 Summary of Technical Rationale Transition existing Guidelines and Technical Basis to Technical Rationale A separate document to explain technical basis Focus on understanding technology and technical requirements No embedded compliance approaches or compliance guidance Appropriate use of NERC Compliance Guidance Policy NERC staff review for conformance 17 Work Plan Develop Technical Rationale document complete SC endorsement complete Presentation to Board of Trustees and Member Representatives Committee complete Implementation Develop ERO guidance on existing Guidelines and Technical Basis and future Technical Rationale (e.g. CMEP Practice Guide) Q3 Review existing Guidelines and Technical Basis for possible Compliance Guidance language Q4 Transition existing Guidelines and Technical Basis to Technical Rationale 2017 Q4 to 2018 Q3 18 9

10 Webinar NERC staff and SC members collaborating on initial implementation Planning additional webinar on Technical Rationale implementation in Q Relevant Documents Mandatory and enforceable components of Reliability Standards Applicability Requirements Effective dates Regulatory documents (mandatory and enforceable) ERO filing for approval Regulatory order in applicable jurisdiction Technical information (not mandatory and enforceable) Technical rationale (Guidelines and Technical basis) Whitepapers Reliability guidelines 20 10

11 Relevant Documents Audit and compliance (not mandatory and enforceable) RSAW Compliance Guidance o Implementation Guidance o CMEP Practice Guides

12 Current Standards Development Activities Project Geomagnetic Disturbance Purpose: Modifying TPL to address directives from Order No. 830 including: Modify the benchmark GMD event definition used for GMD Vulnerability Assessments; Make related modifications to requirements pertaining to transformer thermal impact assessments; Require collection of GMD related data. NERC is directed to make data available; and Require deadlines for Corrective Action Plans (CAPs) and GMD mitigating actions Status: Passed initial ballot; will be posting for final ballot in October Developer contact information: Scott Barfield McGinnis, Scott.Barfield@nerc.net 24 12

13 Project Establish and Communicate System Operating Limits Purpose: Make changes to address recommendations from Project Periodic Review of System Operating Limits: IROLs are now being studied by the technical committees through the Method for Interpreting IROLs Task Force (MEITF) Replacing FAC with a new FAC to address SOL methodology process and coordination Updating FAC 011 and FAC 014 Balloting a new definition for System Voltage Limit Seeking informal comment on revised System Operating Limit and new SOL Exceedance definitions Status: Posting for initial ballot at the end of September Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 25 Project Single Points of Failure Purpose: Make changes to TPL to address recommendations from System Protection and Control Subcommittee and System Analysis and Modeling Subcommittee assessment of single points of failure; update references to the MOD standards, and address Order No. 786 directives: Address six month threshold for planned outages Address spare equipment strategy for stability analyses Status: Posted for initial ballot September 8, 2017 Developer contact information: Latrice Harkness, latrice.harkness@nerc.net 26 13

14 Issue Area Source Status LERC definition Transient Devices for Low Impact (TCA) Shared BES Cyber Systems in CIP a Communication between BES Control Centers Transmission Owner (TO) Control Centers performing the function of a Transmission Operator (TOP) Project Modifications to CIP Standards Order 822 Order 822 Energy Sec RFI Order 822 V5TAG Completed Completed Completed CIP Formal Comment and Initial Ballot concluded on 9/11/2017. SDT preparing for Additional Ballot CIP currently posted for Formal Comment and Initial Ballot, closing 10/30/17 Virtualization in the CIP Environment V5TAG Informal Posting ended 4/11/2017; second Informal Posting anticipated fall 2017 CIP Exceptional Circumstances SAR Informal Posting ended 3/13/2017, Comments under consideration Definitions and Concepts V5TAG Being addressed in other project areas 27 Project Modifications to CIP Standards Meeting/Call Schedule Reserved call times Fridays 11:00 a.m. 1:00 p.m. Eastern Refer to the NERC Calendar of Events for other calls and in person meetings Contact Information NERC Standards Development staff, Katherine Street and Mat Bunch katherine.street@nerc.net Telephone: mat.bunch@nerc.net Telephone:

15 Project Modifications to PRC Purpose: Address issues on Generator Relay Loadability including: Provide alternative loadability Options for Table 1 specific to dispersed power producing resources; Address the inclusion or exclusion of the 50 element (i.e., instantaneous); Review Table 1 for proper application where there is more than one application for the available Option(s), Provide alternative or additional Options for Table 1 specific to relay applications that are directional toward the Transmission system where the interconnecting transmission line impedance may be a factor in determining the maximum Reactive Power output of the generators and associated relay settings; Provide an alternative to the term pickup setting in Table 1 the will better align with the intent of the standard for relays to not trip Status: Passed initial ballot Developer contact information: Scott Barfield McGinnis, Scott.Barfield@nerc.net 29 Purpose: Revise existing BAL to address: Project Modifications to BAL Inconsistencies in calculation of IFROs due to interconnection Frequency Response performance changes of Point C and/or Value B; Eastern Interconnection Resource Contingency Protection Criteria; Frequency nadir point limitations (currently limited to t0 to t+12), Clarification of language in Attachment A, i.e. related to Frequency Response Reserve Sharing Groups (FRSG) and the timeline for Frequency Response and Frequency Bias Setting activities; BAL FRS Forms enhancements that include, but may not be limited to, the ability to collect and submit FRSG performance data. Status: SAR teams being formed Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 30 15

16 Project Periodic Review of INT Standards The purpose of this project is to conduct a periodic review of a subset of the Interchange (INT) Reliability Standards: INT ; INT 006 4; INT ; and INT Provide a comprehensive review that results in a recommendation that the Reliability Standard should be: Reaffirmed; Revised; or Withdrawn. 31 Project Periodic Review of INT Standards First public meeting was conducted August 23 24, 2017 at NERC offices in Atlanta, GA Second public meeting will be conducted September 26 27, 2017 at Xcel Energy in Golden, CO Contact Laura Anderson, Standards Developer laura.anderson@nerc.net Telephone:

17 Project NUC Periodic Review Purpose Conduct a periodic review of one Nuclear Plant Interface Coordination (NUC) Reliability Standard NUC Provide a comprehensive review that results in a recommendation that the Reliability Standard should be: o Reaffirmed; o Revised; or o Withdrawn. 33 Project NUC Periodic Review First public meeting was conducted September 12 13, 2017 at NERC offices in Washington, DC Conference call scheduled for October 17 to continue working on initial recommendations Contact Mat Bunch, Standards Developer mat.bunch@nerc.net Telephone:

18 Project Modifications to BAL Purpose: Address FERC directives to modify BAL 002 2, Requirement R1, to require Balancing Authorities and Reserve Sharing Groups: To notify the reliability coordinator of the conditions set forth in Requirement R1, Part preventing it from complying with the 15 minute ACE recovery period; and To provide the reliability coordinator with its ACE recovery plan, including a target recovery time Status: SAR teams being formed Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 35 Project Standards Alignment with Registration Aligns standards with retirement of Purchasing Selling Entity (PSE), Interchange Authority (IA), and Load Serving Entity (LSE) functions. Includes three categories: Modifications to existing standards where the removal of the retired function may need replacement by another function o Reliability Standard MOD specifies certain data from LSEs that may need to be provided by other functional entities going forward Modifications where the applicable entity and references may be removed: o Standards are redlined and posted for industry comment and ballot o Edits to remove deregistered functional entities and their applicable requirements/references PRC 005 will be updated to replace DP with Underfrequency Load Shedding (UFLS) DP Addressing alignment through the periodic review process: o INT 004 and NUC

19 Project Standards Alignment with Registration SAR Drafting Team Recommendation to be presented to the Standards Committee (SC) at its October 2017 meeting SAR for Standards Alignment with Registration posted for comment 08/01/ /30/2017 SAR for MOD posted for comment 08/01/ /30/2017 Contact Laura Anderson, Standards Developer laura.anderson@nerc.net Telephone: Project Modifications to Personnel Performance, Training, and Qualifications Purpose: Make modifications to the PER standards based on the Project 2016 EPR 01 PER team recommendations: PER requires a clarifying footnote to 1) understand connection between the Standard and Program Manual and 2) certifications references under PER are from NERC System Operator Certification program; and Retire PER Status: Meeting to finalize SAR at the end of September Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 38 19

20 39 20