Frame 6 Users Group Conference. Cincinnati, OH. June 8-11 WELCOME USERS
|
|
- Bertha Hodges
- 5 years ago
- Views:
Transcription
1 Frame 6 Users Group 2009 Conference Cincinnati, OH. June WELCOME USERS
2 Control System Integration The Past, The Present and The Future (?) Presented By: Craig Corzine President & CEO June 10, :15 AM to 9:15 AM
3 Who is CSE Engineering? CSE Engineering, Inc. is a full-service engineering firm providing controls related engineering and technical services specifically to the power generation industry. CSE has a wide range of experience with gas turbine, steam turbine, balance-of of-plant, and ancillary based control systems and overall control system integration.
4 Mission Statement CSE Engineering, Inc. is in business to help the power generation industry achieve their maximum level of availability, reliability y and overall efficiency. CSE obtains these results by providing customized control system solutions tailored to meet the needs, requirements and equipment of each individual customer.
5 Affiliations Distributor for California and Western Nevada Recognized Turbine Retrofitter (RTR) CSE is an Advanced Integrator of VTS software. 505, 505E, 505Enhanced, 505LST, 505DE, 2301, GTC-190, GTC-250, Peak-150, Protech-203 VTS HMI Software VTScada SCADA VTS Alarm Dialer VTS Internet Server VTS Web Services VTS ODBC Server VTS OPC Server VTS WAP Server
6 Control System Integration The Past
7 Control System Integration of the Past PROBLEM: Standalone Configuration No Single HMI Software Solution PROBLEM: No automatic time synchronization between control systems to provide a common, system wide data time-stamp. PROBLEM: No Control-To To-Control communications for data exchange. PROBLEM: Multiple operator interface systems.
8 PROBLEM: No Single HMI Software Solution Control System Integration of the Past Hardwired I/O PROBLEM: No automatic time synchronization between control systems to provide a common, system wide data time-stamp. PROBLEM: No Control-To To-Control communications for data exchange. PROBLEM: Multiple operator interface systems.
9 Control System Integration The Present
10 PROBLEM: No Single HMI Software Solution Control System Integration of the Present The Modbus Solution PROBLEM: Modbus not capable of time-stamped data. PROBLEM: Modbus is not the native protocol for the controllers. Results in limited data access. PROBLEM: No automatic time synchronization between control systems to provide a common, system wide data time-stamp. PROBLEM: Time skewed data between the plant DCS and stand-alone alone controllers. PROBLEM: Multiple operator interface systems.
11 Control System Integration IBECS /<ITC>
12 Introducing IBECS
13 What Is IBECS? IBECS is CSE Engineering s name for the ultimate in plant control human-machine-interface software technology. The heart of the IBECS system is the industrial monitoring and control software that has been specifically designed to integrate a wide variety of legacy and newer monitoring and control devices into a plant-wide, DCS (Distributed Control System) style environment that provides state-of-art, fully-redundant communication capabilities and data display technology providing the operators with the same look, feel, and function regardless of the control system providing the data. Most plants have a variety of monitoring, control, and data acquisition devices that have been installed over the years. Many of these devices were supplied as stand-alone systems or else use components which have no data networking capability. While plant operators would like to have all data brought into a centralized control room, it is not always possible to justify the complete replacement of these devices. Even newer systems are not always supplied with compatible data communication capabilities. The IBECS system provides the plant operation, maintenance, and management staff with an easy-to-use, highly reliable, robust, fully redundant man-machine-interface system that makes maximum use of existing control equipment capabilities and provides the latest in communication and data presentation technology to a plant of any vintage.
14 Resolved: Single HMI solution for ALL controllers Control System Integration The Present The IBECS Solution Resolved: Unlimited data exchange between the individual control systems and the operator interface using the control system s s native communications protocol. Resolved: Automatic time synchronization between control systems to provide a common, system wide data time-stamp. Resolved: Capable of time-stamped data.
15
16 What Is <ITC>? <ITC> is an acronym that stands for IBECS for Turbine Control. <ITC> is a specialized IBECS software application specifically designed to replace the SmartRemote, Mark IV <D>, <I> and HMI operator interface systems provided with GE SpeedTronic Mark IV s, Mark V s and Mark VI s. What Does <ITC> do? The <ITC> system provides all the functionality of the Mark V <I> or HMI interface. The <ITC> system communicates directly with the Mark IV+ (80286) and Mark V turbine control panels over the existing StageLink using standard off-the-shelf PCI ARCnet interface technology. Incorporated into the <ITC> application are standard operator screens to monitor and control the turbine plus standard utility programs such as Control Sequence Program editor (modify, compile, and download), I/O Configuration editor (modify, compile, and download), Control Constant Editor (compile and download), LVDT Auto-Calibration, etc. Additionally, the <ITC> application has a Real- Time Rung Display (RRD) with sophisticated search and navigation tools to display the Control Sequence Program (CSP) with dynamic real-time data. Additionally, the <ITC> system is designed to as a gateway between the Mark V and any other computer or control system providing a direct read/write data exchange path between the devices for monitoring and control. This feature is very useful for DCS monitoring and control, remote (off-site) monitoring and control, historical data storage, report generation, etc.
17 Control System Communication Configuration Diagram 6 HMI Server 1, Server 2, and Server 3 are redundant of each other. Unlimited number of Servers. Unlimited number of Clients. Time-Stamped Analog data. Time-Stamped Digital data. Time-Stamped Alarm data. Servers and Clients act as redundant gateways to external systems such as PI, OPC, DCS, and PLC s. Communicates to Mk IV s s and Mk V s V s using native ARCnet based protocol. Utilizes standard off-the the-shelf hardware. Utilizes standard off-the the-shelf software. Utilizes non-proprietary, standard off-the the-shelf ARCnet cards. Encrypted communications for remote Thin and Thick clients.
18 <ITC> Utilities Real-Time Rung Display (RRD) Sophisticated search and navigation tools Control Sequence Program (CSP) Dynamic real-time data Logic Forcing Control Constant Adjustor (Compile and Download) Auto-Calibrate EEPROM Interface (Upload and Download) View Tools Pre-Vote Data Diag_C Interface Mk5 Sequence Editor (Modify, Compile, and Download) I/O Configurator (Modify, Compile, and Download)
19 Control Constant Modification
20 Auto Calibrate
21 EEProm Utility
22 Logic Forcing
23 View Tools
24 Pre-Vote Display
25 Quick Sheet Display
26 Real-Time Rung Display
27 Real-Time Rung Display
28 Networking and Redundancy
29 Alarm and Event Management Time Stamped Data To the Mill-Second using Mk V clock
30 Data Trending Real-Time Historical Zoom in X Zoom in Y Export Data
31 Data Trending Logged Comments
32 <ITC> - Reporting
33 Control System Integration The Future
34 Control System Integration The Future FERC / NERC Who is FERC and NERC and why should I care? FERC is the Federal Energy Regulatory Commission (Commission) Section 215 of the Federal Power Act (FPA) requires a Commission-certified Electric Reliability Organization (ERO) to develop mandatory and enforceable Reliability Standards, which are subject to Commission on review and approval. Once approved, the Reliability Standards may be enforced by the ERO, subject to Commission mission oversight, or the Commission can independently enforce Reliability Standards. Pursuant to section 215 of the FPA, the Commission established a process to select and certify an ERO and, subsequently, certified NERC as the ERO. NERC is the North American Electric Reliability Corporation (ERO) Prior to being certified by the Commission as the ERO, NERC had developed a cyber security standard for the electric industry on a voluntary basis. This voluntary standard, Urgent Action 1200, was adopted in 2003, and remained in effect on a voluntary basis until June 1, 2006, at which w time the eight CIP Reliability Standards that are the subject of the current rulemaking replaced the Urgent Action 1200 standard.
35 Control System Integration The Future FERC / NERC NERC submitted to the Commission for approval the following eight t CIP Reliability Standards: CIP Cyber Security Critical Cyber Asset Identification: Requires a responsible entity to identify its critical assets and d critical cyber assets using a risk- based assessment methodology. CIP Cyber Security Security Management Controls: Requires a responsible entity to develop and implement security management controls to protect critical cyber assets identified pursuant to CIP CIP Cyber Security Personnel & Training: Requires personnel with access to critical cyber assets to have identity verification and a criminal check. It also requires employee training. CIP Cyber Security Electronic Security Perimeters: Requires the identification and protection of an electronic security perimeter and access points. The electronic security perimeter is to encompass the critical cyber c assets identified pursuant to the methodology required by CIP
36 Control System Integration The Future FERC / NERC CIP Cyber Security Physical Security of Critical Cyber Assets: Requires a responsible entity to create and maintain a physical security plan that ensures that all cyber assets within an electronic security perimeter are kept in an identified physical security perimeter. CIP Cyber Security Systems Security Management: Requires a responsible entity to define methods, processes, and procedures for securing the systems identified as critical cyber assets, as well as the non-critical cyber assets within an electronic security perimeter. CIP Cyber Security Incident Reporting and Response Planning: Requires a responsible entity to identify, classify, respond to, and report cyber security incidents related to critical cyber assets. CIP Cyber Security Recovery Plans for Critical Cyber Assets: Requires the establishment of recovery plans for critical cyber assets using established business continuity and disaster recovery techniques and practices.
37 Control System Integration The Future FERC / NERC Why should I be concerned about complying with these standards if I don t meet the existing criteria? Because it s on the way!!!!! Section 41. California Commission comments that small entities can become a weak link whose failure could harm Bulk-Power System reliability. It is concerned that an entity that should be registered may slip through the identification process. Accordingly, California Commission suggests that any entity connected to the Bulk-Power System, regardless of size, must comply with the CIP Reliability Standards irrespective of their registration status. 122 FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)
38 Control System Integration The Future FERC / NERC Section 49. The Commission also adopts its CIP NOPR approach and concludes that reliance on the NERC registration process at this time is an appropriate means of identifying the entities that must comply with the CIP Reliability Standards. We are concerned, like the California Commission, that some small entities that are not identified in the NERC registry may become gateways for cyber attacks. However, we are not prepared to adopt California Commission s suggested approach of requiring that any entity connected to the Bulk-Power System, regardless of size, must comply with the CIP Reliability Standards irrespective of the NERC registry. We believe this approach is overly-expansive and may raise jurisdictional issues. Rather, we rely on NERC and the Regional Entities to be vigilant in assuring that all appropriate entities are registered to ensure the security of the Bulk-Power System. 122 FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)
39 Control System Integration The Future FERC / NERC / NIST Section 25. The Commission believes that the NIST standards may provide valuable guidance when NERC develops future iterations of the CIP Reliability Standards. Thus, as discussed below, we direct NERC to address revisions to the CIP Reliability Standards CIP through CIP considering applicable features of the NIST framework. However, in response to Applied Control Solutions, we will not delay the effectiveness of the CIP Reliability Standards by directing the replacement of the current CIP Reliability Standards with others based on the NIST framework. 122 FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)
40 Control System Integration The Future FERC / NERC / NIST 1 Section 279. The Commission accepts the explanation of the ERO and Reliability First that a control system could be a critical cyber asset, but not a critical asset As was stated in the CIP Assessment, a control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. It is typically a specialized computer system or programmable logic controller that manages, commands, directs or regulates the behavior of other devices or systems in a physical environment, e.g., open or close switches or relays, start or stop motors, or control motor speed FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)
41 Control System Integration The Future FERC / NERC / NIST 1 For the purpose of Standard CIP-002-2, Critical Cyber Assets are further qualified to be those having at least one of the following characteristics: R3.1. The Cyber Asset uses a routable protocol to communicate outside the Electronic Security Perimeter; or, R3.2. The Cyber Asset uses a routable protocol within a control center; or, R3.3. The Cyber Asset is dial-up accessible. What's the Routable Protocol Data being sent from one LAN to another along any of several available paths is routed. The protocols that support multipath LAN-to-LAN communications are known as 'Routable Protocols'. Because routable protocols can be used to tie several LANs together and create new wide-area environments, they are becoming increasingly important. TCP/IP is the 'routable protocol'. Because Routable Protocols are relatively large protocols than the non-routable ones, they are slow in everything. They involve many types of error-checking and other functions, which increase the size of data-packets. 1 Standard CIP Cyber Security Critical Cyber Asset Identification
42 Control System Integration The Future FERC / NERC Compliance
43 In Summary
44 Where s s Your Pain? Control System Obsolete? Reliability Issues? Always Tripping Offline? Parts Hard to Find? Patients At An End? Yelling, Kicking, Screaming Not Solving Anything?
45 Do you have a CRAPPY control system? Tell us what causes you the most problems WE CAN FIX IT! csesupport@cse-
NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION
NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION NARUC Energy Regulatory Partnership Program The Public Services Regulatory Commission of Armenia and The Iowa Utilities Board Janet Amick Senior Utility
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014
Federal Energy Regulatory Commission Order No. 791 June 2, 2014 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently proposed
More informationStandard CIP Cyber Security Security Management Controls
A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-4 3. Purpose: Standard CIP-003-4 requires that Responsible Entities have minimum security management controls in
More informationConsideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 January 23, 2015
Federal Energy Regulatory Commission Order No. 791 January 23, 2015 67 and 76 67. For the reasons discussed below, the Commission concludes that the identify, assess, and correct language, as currently
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationStandards Authorization Request Form
Standards Authorization Request Form When completed, email this form to: sarcomm@nerc.com NERC welcomes suggestions to improve the reliability of the bulk power system through improved reliability standards.
More informationUNITED STATES OF AMERICA BEFORE THE U.S. DEPARTMENT OF COMMERCE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
UNITED STATES OF AMERICA BEFORE THE U.S. DEPARTMENT OF COMMERCE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY COMMENTS OF THE NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION ON NIST FRAMEWORK AND ROADMAP
More informationCyber Security Reliability Standards CIP V5 Transition Guidance:
Cyber Security Reliability Standards CIP V5 Transition Guidance: ERO Compliance and Enforcement Activities during the Transition to the CIP Version 5 Reliability Standards To: Regional Entities and Responsible
More informationCyber Threats? How to Stop?
Cyber Threats? How to Stop? North American Grid Security Standards Jessica Bian, Director of Performance Analysis North American Electric Reliability Corporation AORC CIGRE Technical Meeting, September
More informationDRAFT. Cyber Security Communications between Control Centers. March May Technical Rationale and Justification for Reliability Standard CIP-012-1
DRAFT Cyber Security Communications between Control Centers Technical Rationale and Justification for Reliability Standard CIP-012-1 March May 2018 NERC Report Title Report Date I Table of Contents Preface...
More informationUNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION ) )
UNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION Cyber Security Incident Reporting Reliability Standards ) ) Docket Nos. RM18-2-000 AD17-9-000 COMMENTS OF THE NORTH AMERICAN ELECTRIC
More informationEEI Fall 2008 Legal Conference Boston, Massachusetts Stephen M. Spina November 1,
EEI Fall 2008 Legal Conference Boston, Massachusetts Stephen M. Spina November 1, 2008 www.morganlewis.com Overview Reliability Standards Enforcement Framework Critical Infrastructure Protection (CIP)
More informationSummary of FERC Order No. 791
Summary of FERC Order No. 791 On November 22, 2013, the Federal Energy Regulatory Commission ( FERC or Commission ) issued Order No. 791 adopting a rule that approved Version 5 of the Critical Infrastructure
More informationSmart Grid Standards and Certification
Smart Grid Standards and Certification June 27, 2012 Annabelle Lee Technical Executive Cyber Security alee@epri.com Current Environment 2 Current Grid Environment Legacy SCADA systems Limited cyber security
More information151 FERC 61,066 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION ORDER DENYING REHEARING. (Issued April 23, 2015)
151 FERC 61,066 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Norman C. Bay, Chairman; Philip D. Moeller, Cheryl A. LaFleur, Tony Clark, and Colette D. Honorable.
More informationRELIABILITY COMPLIANCE ENFORCEMENT IN ONTARIO
RELIABILITY COMPLIANCE ENFORCEMENT IN ONTARIO June 27, 2016 Training provided for Ontario market participants by the Market Assessment and Compliance Division of the IESO Module 1 A MACD training presentation
More informationCyber Security Standards Drafting Team Update
Cyber Security Standards Drafting Team Update Michael Assante, VP & Chief Security Officer North American Electric Reliability Corp. February 3, 2008 Overview About NERC Project Background Proposed Modifications
More informationStandard CIP 005 4a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-4a 3. Purpose: Standard CIP-005-4a requires the identification and protection of the Electronic Security Perimeter(s)
More informationNew Brunswick 2018 Annual Implementation Plan Version 1
New Brunswick Energy and Utilities Board Reliability Standards, Compliance and Enforcement Program New Brunswick 2018 Annual Implementation Plan Version 1 December 28, 2017 Table of Contents Version History...
More informationImplementation Plan for Version 5 CIP Cyber Security Standards
Implementation Plan for Version 5 CIP Cyber Security Standards April 10September 17, 2012 Note: On September 17, 2012, NERC was alerted that some references in the Initial Performance of Certain Periodic
More informationBILLING CODE P DEPARTMENT OF ENERGY FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM ]
This document is scheduled to be published in the Federal Register on 07/22/2015 and available online at http://federalregister.gov/a/2015-17920, and on FDsys.gov BILLING CODE 6717-01-P DEPARTMENT OF ENERGY
More informationCyber Security Incident Report
Cyber Security Incident Report Technical Rationale and Justification for Reliability Standard CIP-008-6 January 2019 NERC Report Title Report Date I Table of Contents Preface... iii Introduction... 1 New
More informationUNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION COMMENTS OF THE PENNSYLVANIA PUBLIC UTILITY COMMISSION
UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Physical Security Reliability : Standard : Docket No. RD14-15-000 COMMENTS OF THE PENNSYLVANIA PUBLIC UTILITY COMMISSION I. INTRODUCTION On
More informationCybersecurity for the Electric Grid
Cybersecurity for the Electric Grid Electric System Regulation, CIP and the Evolution of Transition to a Secure State A presentation for the National Association of Regulatory Utility Commissioners March
More information154 FERC 61,037 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM ]
154 FERC 61,037 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM15-14-000] Revised Critical Infrastructure Protection Reliability Standards (Issued January 21,
More informationBILLING CODE P DEPARTMENT OF ENERGY Federal Energy Regulatory Commission. 18 CFR Part 40. [Docket No. RM ]
This document is scheduled to be published in the Federal Register on 01/26/2016 and available online at http://federalregister.gov/a/2016-01505, and on FDsys.gov BILLING CODE 6717-01-P DEPARTMENT OF ENERGY
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More informationCritical Cyber Asset Identification Security Management Controls
Implementation Plan Purpose On January 18, 2008, FERC (or Commission ) issued Order. 706 that approved Version 1 of the Critical Infrastructure Protection Reliability Standards, CIP-002-1 through CIP-009-1.
More informationStandard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard is adopted by the NERC Board of Trustees (Board).
More information162 FERC 61,044 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM ]
162 FERC 61,044 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM17-13-000] Supply Chain Risk Management Reliability Standards (January 18, 2018) AGENCY: Federal
More informationPhysical Security Reliability Standard Implementation
Physical Security Reliability Standard Implementation Attachment 4b Action Information Background On March 7, 2014, the Commission issued an order directing NERC to submit for approval, within 90 days,
More informationCIP Version 5 Evidence Request User Guide
CIP Version 5 Evidence Request User Guide Version 1.0 December 15, 2015 NERC Report Title Report Date I Table of Contents Preface... iv Introduction... v Purpose... v Evidence Request Flow... v Sampling...
More informationHistory of NERC December 2012
History of NERC December 2012 Timeline Date 1962-1963 November 9, 1965 1967 1967-1968 June 1, 1968 July 13-14, 1977 1979 1980 Description Industry creates an informal, voluntary organization of operating
More informationStandard CIP 005 2a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2a 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationBILLING CODE P DEPARTMENT OF ENERGY Federal Energy Regulatory Commission. [Docket No. RM ] Cyber Systems in Control Centers
This document is scheduled to be published in the Federal Register on 07/28/2016 and available online at http://federalregister.gov/a/2016-17854, and on FDsys.gov BILLING CODE 6717-01-P DEPARTMENT OF ENERGY
More informationStandard CIP Cyber Security Critical Cyber As s et Identification
A. Introduction 1. Title: Cyber Security Critical Cyber Asset Identification 2. Number: CIP-002-4 3. Purpose: NERC Standards CIP-002-4 through CIP-009-4 provide a cyber security framework for the identification
More informationStandard CIP-006-4c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-4c 3. Purpose: Standard CIP-006-4c is intended to ensure the implementation of a physical security
More informationStandard CIP-006-3c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3c 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security
More informationStandard CIP Cyber Security Critical Cyber As s et Identification
A. Introduction 1. Title: Cyber Security Critical Cyber Asset Identification 2. Number: CIP-002-4 3. Purpose: NERC Standards CIP-002-4 through CIP-009-4 provide a cyber security framework for the identification
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationNERC Request for Data or Information: Protection System Misoperation Data Collection August 14, 2014
Request for Data or Information Protection System Misoperation Data Collection August 14, 2014 3353 Peachtree Road NE Suite 600, North Tower Atlanta, GA 30326 404-446-2560 www.nerc.com 1 of 15 Table of
More informationBILLING CODE P DEPARTMENT OF ENERGY. Federal Energy Regulatory Commission. 18 CFR Part 40. [Docket No. RM ]
This document is scheduled to be published in the Federal Register on 01/25/2018 and available online at https://federalregister.gov/d/2018-01247, and on FDsys.gov BILLING CODE 6717-01-P DEPARTMENT OF
More informationMisoperations Information Data Analysis System (MIDAS)
Misoperations Information Data Analysis System (MIDAS) End User Guide June 2016 NERC Report Title Report Date I Table of Contents Preface... iii Chapter 1 Reporting Obligations...1 Entities Obligated to
More informationCIP Cyber Security Configuration Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationCIP Cyber Security Personnel & Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-6 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the Bulk Electric
More informationRegulatory Impacts on Research Topics. Jennifer T. Sterling Director, Exelon NERC Compliance Program
Regulatory Impacts on Research Topics Jennifer T. Sterling Director, Exelon NERC Compliance Program The 2003 Blackout On August 14, 2003, an electric power blackout affected large portions of the Northeast
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 3 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationOPERATIONS CONTROL CENTER
OPERATIONS CONTROL CENTER STANDARD SERVICES 24/7/365 Remote Monitoring Fault Notification & Remote Resets Curtailment Management ADVANCED SERVICES In addition to our Standard Services, Advanced Services
More informationUNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION
UNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION Supply Chain Risk Management ) Docket No. RM17-13-000 Reliability Standards ) COMMENTS OF THE ISO/RTO COUNCIL The ISO/RTO Council
More information163 FERC 61,032 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM ; Order No.
163 FERC 61,032 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM17-11-000; Order No. 843] Revised Critical Infrastructure Protection Reliability Standard CIP-003-7
More informationImplementation Plan for Newly Identified Critical Cyber Assets and Newly Registered Entities
Implementation Plan for Newly Identified Critical Cyber Assets and Newly Registered Entities This Implementation Plan applies to Cyber Security Standards CIP-002-2 through CIP-009-2 and CIP-002-3 through
More informationCyber Attacks on Energy Infrastructure Continue
NERC Cybersecurity Compliance Stephen M. Spina February 26, 2013 www.morganlewis.com Cyber Attacks on Energy Infrastructure Continue According to DHS, the energy sector was the focus of 40% of the reported
More informationStandard CIP Cyber Security Incident Reporting and Response Planning
A. Introduction 1. Title: Cyber Security Incident Reporting and Response Planning 2. Number: CIP-008-4 3. Purpose: Standard CIP-008-4 ensures the identification, classification, response, and reporting
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationProposed Clean and Redline for Version 2 Implementation Plan
Exhibit A Implementation Plans for CIP-002-2 through CIP-009-2 and CIP-002-3 and CIP-009-3 For Generator Owners and Generator Operators of U.S. Nuclear Power Plants Proposed Clean and Redline for Version
More informationRe: North American Electric Reliability Corporation Docket No. RM
September 15, 2009 VIA ELECTRONIC FILING Ms. Kimberly D. Bose Secretary Federal Energy Regulatory Commission 888 First Street, NE Washington, D.C. 20426 Dear Ms. Bose: Re: rth American Electric Reliability
More informationA. Introduction 1. Title: 2. Number: 3. Purpose: 4. Applicability: 4.1. Functional Entities: Balancing Authority Distribution Provider
The Background, VRF/VSLs, and Guidelines and Technical Basis Sections have been removed for this informal posting. The Project 2016-02 is seeking comments around the concept of the Requirement/Measure
More informationStandard CIP Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security program
More informationHistory of NERC August 2013
History of NERC August 2013 Timeline Date 1962 1963 November 9, 1965 1967 1967 1968 June 1, 1968 July 13 14, 1977 1979 Description The electricity industry creates an informal, voluntary organization of
More informationNERC and Regional Coordination Update
NERC and Regional Coordination Update Mark Kuras Sr. Lead Engineer, NERC and Regional Coordination Planning Committee April 7, 2016 NERC Standards Under Development Standards Project Activity Due Date
More informationImplementation Plan for Newly Identified Critical Cyber Assets and Newly Registered Entities
Implementation Plan for Newly Identified Critical Cyber Assets and Newly Registered Entities This Implementation Plan applies to Cyber Security Standards CIP-002-2 through CIP-009-2 and CIP-002-3 through
More informationUNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION ) ) )
UNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION Essential Reliability Services and the Evolving Bulk-Power System -- Primary Frequency Response ) ) ) Docket No. RM16-6-000 SUPPLEMENTAL
More informationCIP Cyber Security Personnel & Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-5.1 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the BES from individuals
More informationStandards Authorization Request Form
Standards Authorization Request Form When completed, email this form to: sarcomm@nerc.com NERC welcomes suggestions to improve the reliability of the bulk power system through improved reliability standards.
More informationUnofficial Comment Form Project Modifications to CIP Standards Requirements for Transient Cyber Assets CIP-003-7(i)
Unofficial Comment Form Project 2016-02 Modifications to CIP Standards Requirements for Transient Cyber Assets CIP-003-7(i) Do not use this form for submitting comments. Use the electronic form to submit
More informationUNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION
UNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION Cyber Security Incident Reporting Reliability Standards Docket Nos. RM18-2-000 AD17-9-000 COMMENTS OF THE AMERICAN PUBLIC POWER
More informationNERC Overview and Compliance Update
NERC Overview and Compliance Update Eric Ruskamp Manager, Regulatory Compliance August 17, 2018 1 Agenda NERC Overview History Regulatory Hierarchy Reliability Standards Compliance Enforcement Compliance
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationLow Impact Generation CIP Compliance. Ryan Walter
Low Impact Generation CIP Compliance Ryan Walter Agenda Entity Overview NERC CIP Introduction CIP-002-5.1, Asset Classification What Should Already be Done CIP-003-7, Low Impact Requirements Tri-State
More informationCIP Standards Development Overview
CIP Standards Development Overview CSSDTO706 Meeting with FERC Technical Staff July 28, 2011 Objectives Historical Timeline CIP-002-4 CIP-005-4 CIP Version 5 2 Project 2008-06 Overview FERC Order 706 SDT
More informationUNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION ) )
UNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION Version 5 Critical Infrastructure Protection Reliability Standards ) ) Docket No. RM13-5- INFORMATIONAL FILING OF THE NORTH AMERICAN
More informationLesson Learned CIP Version 5 Transition Program
Lesson Learned CIP Version 5 Transition Program CIP-002-5: BES Cyber Assets Version: December 7, 2015 This document is designed to convey lessons learned from NERC s various CIP version 5 transition activities.
More informationStandard Authorization Request Form
Title of Proposed Standard Cyber Security Request Date May 2, 2003 SAR Requestor Information Name Charles Noble (on behalf of CIPAG) Company Telephone SAR Type (Check box for one of these selections.)
More informationOvation Ethernet Link Controller Module Data Sheet
Ovation Ethernet Link Controller Module Features: Provides native Ethernet connectivity capability at the I/O level Enables faster, more efficient integration of robust data from third-party devices Dedicated
More informationStandard CIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-4 3. Purpose: Standard CIP-007-4 requires Responsible Entities to define methods, processes, and procedures for securing
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-1 3. Purpose: Standard CIP-005 requires the identification and protection of the Electronic Security Perimeter(s)
More informationCyber Security Supply Chain Risk Management
Cyber Security Supply Chain Risk Management JoAnn Murphy, SDT Vice Chair, PJM Interconnection May 31, 2017 FERC Order No. 829 [the Commission directs] that NERC, pursuant to section 215(d)(5) of the FPA,
More informationExhibit G. Order No. 672 Criteria for Approving Proposed Reliability Standards
Exhibit G Order No. 672 Criteria for Approving Proposed Reliability Standards EXHIBIT G Demonstration that the proposed Reliability Standard is just, reasonable, not unduly discriminatory or preferential
More informationTechnical Conference on Critical Infrastructure Protection Supply Chain Risk Management
Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability
More informationReliability Standard Audit Worksheet 1
Reliability Standard Audit Worksheet 1 CIP-002-5.1 Cyber Security BES Cyber System Categorization This section to be completed by the Compliance Enforcement Authority. Audit ID: Registered Entity: NCR
More informationProject Retirement of Reliability Standard Requirements
Project 2013-02 Retirement of Reliability Standard Requirements Unofficial Comment Form for Paragraph 81 (P81) Project Retirement of Reliability Standard Requirements This form is provided in a Word format
More informationHistory of NERC January 2018
History of NERC January 2018 Date 1962 1963 The electricity industry created an informal, voluntary organization of operating personnel to facilitate coordination of the bulk power system in the United
More informationCIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security System Security Management 2. Number: CIP-007-5 3. Purpose: To manage system security by specifying select technical, operational, and procedural requirements in
More informationCIP Cyber Security Recovery Plans for BES Cyber Systems
A. Introduction 1. Title: Cyber Security Recovery Plans for BES Cyber Systems 2. Number: CIP-009-6 3. Purpose: To recover reliability functions performed by BES Cyber Systems by specifying recovery plan
More informationThis section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Description of Current Draft
More informationGrid Security & NERC
Grid Security & NERC Janet Sena, Senior Vice President, Policy and External Affairs Southern States Energy Board 2017 Associate Members Winter Meeting February 27, 2017 Recent NERC History Energy Policy
More informationOvation Machinery Health Monitor for the Power Industry
Ovation Machinery Health Monitor for the Power Industry Features Improves asset performance by delivering distributed control, machinery protection and predictive machinery health monitoring from a single
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationTechnical Questions and Answers CIP Version 5 Standards Version: June 13, 2014
Technical s and s CIP Version 5 Standards Version: June 13, 2014 This document is designed to convey lessons learned from NERC s various activities. It is not intended to establish new requirements under
More informationCYBER SECURITY POLICY REVISION: 12
1. General 1.1. Purpose 1.1.1. To manage and control the risk to the reliable operation of the Bulk Electric System (BES) located within the service territory footprint of Emera Maine (hereafter referred
More informationStandard CIP-006-1a Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-1a 3. Purpose: Standard CIP-006 is intended to ensure the implementation of a physical security program
More informationThis draft standard is being posted for an initial comment and ballot. The draft includes modifications to meet the directives of FERC Order No. 791.
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationProject Cyber Security - Order No. 791 Identify, Assess, and Correct; Low Impact; Transient Devices; and Communication Networks Directives
Project 2014-02 - Cyber Security - Order No. 791 Identify, Assess, and Correct; Low Impact; Transient Devices; and Communication Networks Directives Violation Risk Factor and Justifications The tables
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationSUMMARY: The Federal Energy Regulatory Commission (Commission) proposes to
This document is scheduled to be published in the Federal Register on 12/28/2017 and available online at https://federalregister.gov/d/2017-28083, and on FDsys.gov DEPARTMENT OF ENERGY Federal Energy Regulatory
More informationSECURING THE SUPPLY CHAIN
SECURING THE SUPPLY CHAIN BY Jerome Farquharson, CISSP, Donald Dustin Williams, PE, AND Courtney Buser The advance of smart grids, smart devices and increasingly interconnected systems provides exceptional
More informationGrid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016
Grid Security & NERC Council of State Governments The Future of American Electricity Policy Academy Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016 1965 Northeast blackout
More informationCOMPASS FOR THE COMPLIANCE WORLD. Asia Pacific ICS Security Summit 3 December 2013
COMPASS FOR THE COMPLIANCE WORLD Asia Pacific ICS Security Summit 3 December 2013 THE JOURNEY Why are you going - Mission Where are you going - Goals How will you get there Reg. Stnd. Process How will
More information