Standards Development Update

Similar documents
New Brunswick 2018 Annual Implementation Plan Version 1

Physical Security Reliability Standard Implementation

ERO Enterprise Strategic Planning Redesign

Reliability Standards Development Plan

Standard Development Timeline

British Columbia Utilities Commission Reliability Standards with Effective Dates adopted in British Columbia

NERC Relay Loadability Standard Reliability Standards Webinar November 23, 2010

Standard Development Timeline

NERC and Regional Coordination Update. Operating Committee Preston Walker January 9, 2018

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Standards Authorization Request Form

This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.

Critical Infrastructure Protection Version 5

Cyber Security Reliability Standards CIP V5 Transition Guidance:

Disclaimer Executive Summary Introduction Overall Application of Attachment Generation Transmission...

Impacts and Implementation: NERC Reliability Standards, Compliance Initiatives, and Regulatory Activities

This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.

Proposed Clean and Redline for Version 2 Implementation Plan

CIP Cyber Security Incident Reporting and Response Planning

This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.

This draft standard is being posted for an initial comment and ballot. The draft includes modifications to meet the directives of FERC Order No. 791.

Cyber Security Standards Drafting Team Update

CIP Cyber Security Security Management Controls. Standard Development Timeline

Standard Development Timeline

CIP Version 5 Transition. Steven Noess, Director of Compliance Assurance Member Representatives Committee Meeting November 12, 2014

NERC CIP Information Protection

CIP Cyber Security Configuration Management and Vulnerability Assessments

Project Retirement of Reliability Standard Requirements

Proposed Convention for Numbering of NERC Reliability Standards Draft September 9, 2004

Reliability Standards Development Plan

Standard CIP 007 3a Cyber Security Systems Security Management

Standard CIP Cyber Security Critical Cyber As s et Identification

Unofficial Comment Form 1st Draft of PRC-005-3: Protection System and Automatic Reclosing Maintenance (Project )

Critical Cyber Asset Identification Security Management Controls

Reliability Standard Audit Worksheet 1

Standard CIP 007 4a Cyber Security Systems Security Management

Standard Development Timeline

Reliability Standard Audit Worksheet 1

Critical Infrastructure Protection Committee Strategic Plan

CIP Cyber Security Critical Cyber Asset Identification. Rationale and Implementation Reference Document

Meeting- Overview of. Development

Reliability Standard Audit Worksheet 1

CIP Cyber Security Recovery Plans for BES Cyber Systems

Standard CIP Cyber Security Critical Cyber As s et Identification

Standard Development Timeline

Unofficial Comment Form Project Modifications to CIP Standards Requirements for Transient Cyber Assets CIP-003-7(i)

Québec Reliability Standards Compliance Monitoring and Enforcement Program Implementation Plan Annual Implementation Plan

CIP Cyber Security Personnel & Training

The North American Electric Reliability Corporation ( NERC ) hereby submits

Implementation Plan for Version 5 CIP Cyber Security Standards

Standard Development Timeline

Standard Development Timeline

A. Introduction 1. Title: 2. Number: 3. Purpose: 4. Applicability: 4.1. Functional Entities: Balancing Authority Distribution Provider

Critical Infrastructure Protection (CIP) Version 5 Revisions. Standard Drafting Team Update Industry Webinar September 19, 2014

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

primary Control Center, for the exchange of Real-time data with its Balancing

Standard INT Dynamic Transfers

Cyber Security Incident Report

CIP Standards Development Overview

Standard CIP 005 4a Cyber Security Electronic Security Perimeter(s)

Standard Development Timeline

Standard Development Timeline

Standard CIP Cyber Security Security Management Controls

Consideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 January 23, 2015

Summary of FERC Order No. 791

Project Modifications to BAL Frequency Response and Frequency Bias Setting. Industry Webinar December 18, 2018

1. Post for 45-day comment period and pre-ballot review. 7/26/ Conduct initial ballot. 8/30/2010

Consideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014

CIP V5 Updates Midwest Energy Association Electrical Operations Conference

Standard Development Timeline

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Standard CIP Cyber Security Incident Reporting and Response Planning

Industry Webinar. Project Single Points of Failure. August 23, 2018

Standard Development Timeline

DRAFT Reliability Standard Audit Worksheet 1

Standard INT Dynamic Transfers

Standard CIP Cyber Security Systems Security Management

Reliability Standard Audit Worksheet 1

CIP Cyber Security Recovery Plans for BES Cyber Systems

FERC Reliability Technical Conference Panel III: ERO Performance and Initiatives ESCC and the ES-ISAC

Standards. Mark Lauby, Vice President and Director of Standards Board of Trustees Meeting November 7, 2013

Standard CIP Cyber Security Electronic Security Perimeter(s)

CIP Cyber Security Recovery Plans for BES Cyber Systems

Cyber Security Supply Chain Risk Management

Standard CIP-006-3c Cyber Security Physical Security

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Project Cyber Security - Order No. 791 Identify, Assess, and Correct; Low Impact; Transient Devices; and Communication Networks Directives

Compliance Enforcement Initiative

CIP Cyber Security Systems Security Management

Draft CIP Standards Version 5

Additional 45-Day Comment Period September Final Ballot is Conducted October/November Board of Trustees (Board) Adoption November 2014

Member Representatives Committee Meeting

Unofficial Comment Form

Standard CIP 004 3a Cyber Security Personnel and Training

CIP Cyber Security Personnel & Training

A. Introduction. B. Requirements and Measures

Standard CIP 005 2a Cyber Security Electronic Security Perimeter(s)

Standards Authorization Request Form

NERC and Regional Coordination Update

CCC Compliance Guidance Task Force. Patti Metro, Manager, Transmission & Reliability Standards, NRECA Compliance Committee May 4, 2016

Transcription:

Standards Development Update Steven Noess, Director of Standards Development FRCC Reliability Performance Industry Outreach Workshop September 20, 2017 Supply Chain Risk Management 1

Cyber Security Supply Chain Standard Background FERC issued Order No. 829 on July 21, 2016 Standard must be filed by September 2017 Status Final ballot ended July 20, 2017 o CIP 013 1 84.2% o CIP 005 6 88.8% o CIP 010 3 81.4% NERC Board of Trustees o Solicited Policy Input July 2017 o Adopted by Board of Trustees at August 2017 meeting o Concurrently adopted six supporting and related resolutions FERC filing deadline of September 27, 2017 3 Focus High and medium impact BES Cyber Systems No requirements for low impact BES Cyber Systems NERC committed to addressing risks appropriately Identify best practices Develop guidance resources Support common understanding of compliance obligations 4 2

Policy Input How should NERC support effective implementation? How should NERC evaluate effectiveness of the standards going forward? What risks and related issues should NERC study, including risks related to low impact BES Cyber Systems not covered by the standards? Are there actions NERC should take to address additional potential supply chain risks? 5 Policy Input Themes Additional implementation guidance and time for implementation Communication through webinars and post lessons Vendors must be included Consistent audit guidelines Establish expert group for feedback on success Engage Critical Infrastructure Protection Committee (CIPC) Allow implementation time prior to evaluation Use E ISAC to track incidents Participate in cross industry forums 6 3

Board Resolution 1 Support Effective and Efficient Implementation: NERC to commence preparations for implementation of the Supply Chain Standards using similar methods during the CIP V5 transition, and regularly report to the Board on those activities. 7 Board Resolution 2 Cyber Security Supply Chain Risk Study: Study the nature and complexity of cyber security supply chain risks, including risks associated with low impact assets not currently subject to the Supply Chain Standards, and develop recommendations for follow up actions that will best address any issues identified. (Interim report 12 months after adoption of the resolutions and a follow up final report 18 months after adoption). 8 4

Board Resolution 3 Communicate Supply Chain Risks to Industry: Communicate supply chain risk developments and risks to industry and in connection with the Cyber Security Supply Chain Risk Study. 9 Board Resolutions 4 and 5 Forum White Papers: The Board requests the North American Transmission Forum and the North American Generation Forum (the Forums ) to develop (and distribute, as permissible) white papers to address best and leading practices in supply chain management, as described in the resolution. Association White Papers: The Board requests the National Rural Electric Cooperative Association and the American Public Power Association (the Associations ) to develop (and distribute, as permissible) white papers to address best and leading practices in supply chain management, as described in the resolution. 10 5

Board Resolution 6 Evaluate Effectiveness: Collaborating with NERC technical committees and other experts, evaluate the effectiveness of the Supply Chain Standards, as described in the resolution, and report to the Board. 11 Activities in Support Industry advisory group to support deployment ERO Enterprise auditor training Industry webinars and workshops Vendor outreach on controls Engage CIPC Form vendor/industry working groups on supply chain risks Review supply chain risk practices in other industries and communicate effective strategies Ensure BES supply chain risks are addressed by product manufacturing standards Provide latest government intelligence to industry Enlist national laboratories to test legacy systems 12 6

13 Technical Rationale Guidelines and Technical Basis 7

Background of Guidelines and Technical Basis Initially designed to support results based standards Contained an information only disclaimer Incorporated into standard development template Disclaimer paragraph was omitted Initiatives since inception Reliability Standard Audit Worksheets (RSAW) Risk based Compliance Monitoring and Enforcement Program (CMEP) Compliance Guidance Confusion around application and status, in conjunction with new initiatives 15 Purpose Provides drafting teams a mechanism to: Explain the technical basis for Reliability Standard Provide technical guidance to help support effective application To further clarify Guidelines and Technical Basis NERC staff and Standards Committee (SC) leadership coordinate Captured in Task 3 in SC Strategic Plan 16 8

Summary of Technical Rationale Transition existing Guidelines and Technical Basis to Technical Rationale A separate document to explain technical basis Focus on understanding technology and technical requirements No embedded compliance approaches or compliance guidance Appropriate use of NERC Compliance Guidance Policy NERC staff review for conformance 17 Work Plan Develop Technical Rationale document complete SC endorsement complete Presentation to Board of Trustees and Member Representatives Committee complete Implementation Develop ERO guidance on existing Guidelines and Technical Basis and future Technical Rationale (e.g. CMEP Practice Guide) Q3 Review existing Guidelines and Technical Basis for possible Compliance Guidance language Q4 Transition existing Guidelines and Technical Basis to Technical Rationale 2017 Q4 to 2018 Q3 18 9

Webinar NERC staff and SC members collaborating on initial implementation Planning additional webinar on Technical Rationale implementation in Q4 2017 19 Relevant Documents Mandatory and enforceable components of Reliability Standards Applicability Requirements Effective dates Regulatory documents (mandatory and enforceable) ERO filing for approval Regulatory order in applicable jurisdiction Technical information (not mandatory and enforceable) Technical rationale (Guidelines and Technical basis) Whitepapers Reliability guidelines 20 10

Relevant Documents Audit and compliance (not mandatory and enforceable) RSAW Compliance Guidance o Implementation Guidance o CMEP Practice Guides 21 22 11

Current Standards Development Activities Project 2013-03 Geomagnetic Disturbance Purpose: Modifying TPL 007 1 to address directives from Order No. 830 including: Modify the benchmark GMD event definition used for GMD Vulnerability Assessments; Make related modifications to requirements pertaining to transformer thermal impact assessments; Require collection of GMD related data. NERC is directed to make data available; and Require deadlines for Corrective Action Plans (CAPs) and GMD mitigating actions Status: Passed initial ballot; will be posting for final ballot in October Developer contact information: Scott Barfield McGinnis, Scott.Barfield@nerc.net 24 12

Project 2015-09 Establish and Communicate System Operating Limits Purpose: Make changes to address recommendations from Project 2015 03 Periodic Review of System Operating Limits: IROLs are now being studied by the technical committees through the Method for Interpreting IROLs Task Force (MEITF) Replacing FAC 010 3 with a new FAC 015 1 to address SOL methodology process and coordination Updating FAC 011 and FAC 014 Balloting a new definition for System Voltage Limit Seeking informal comment on revised System Operating Limit and new SOL Exceedance definitions Status: Posting for initial ballot at the end of September Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 25 Project 2015-10 Single Points of Failure Purpose: Make changes to TPL 001 5 to address recommendations from System Protection and Control Subcommittee and System Analysis and Modeling Subcommittee assessment of single points of failure; update references to the MOD standards, and address Order No. 786 directives: Address six month threshold for planned outages Address spare equipment strategy for stability analyses Status: Posted for initial ballot September 8, 2017 Developer contact information: Latrice Harkness, latrice.harkness@nerc.net 26 13

Issue Area Source Status LERC definition Transient Devices for Low Impact (TCA) Shared BES Cyber Systems in CIP 002 5.1a Communication between BES Control Centers Transmission Owner (TO) Control Centers performing the function of a Transmission Operator (TOP) Project 2016-02 Modifications to CIP Standards Order 822 Order 822 Energy Sec RFI Order 822 V5TAG Completed Completed Completed CIP 012 2 Formal Comment and Initial Ballot concluded on 9/11/2017. SDT preparing for Additional Ballot CIP 002 6 currently posted for Formal Comment and Initial Ballot, closing 10/30/17 Virtualization in the CIP Environment V5TAG Informal Posting ended 4/11/2017; second Informal Posting anticipated fall 2017 CIP Exceptional Circumstances SAR Informal Posting ended 3/13/2017, Comments under consideration Definitions and Concepts V5TAG Being addressed in other project areas 27 Project 2016-02 Modifications to CIP Standards Meeting/Call Schedule Reserved call times Fridays 11:00 a.m. 1:00 p.m. Eastern Refer to the NERC Calendar of Events for other calls and in person meetings Contact Information NERC Standards Development staff, Katherine Street and Mat Bunch Email: katherine.street@nerc.net Telephone: 404 446 9702 Email: mat.bunch@nerc.net Telephone: 404 446 9785 28 14

Project 2016-04 Modifications to PRC-025-1 Purpose: Address issues on Generator Relay Loadability including: Provide alternative loadability Options for Table 1 specific to dispersed power producing resources; Address the inclusion or exclusion of the 50 element (i.e., instantaneous); Review Table 1 for proper application where there is more than one application for the available Option(s), Provide alternative or additional Options for Table 1 specific to relay applications that are directional toward the Transmission system where the interconnecting transmission line impedance may be a factor in determining the maximum Reactive Power output of the generators and associated relay settings; Provide an alternative to the term pickup setting in Table 1 the will better align with the intent of the standard for relays to not trip Status: Passed initial ballot Developer contact information: Scott Barfield McGinnis, Scott.Barfield@nerc.net 29 Purpose: Revise existing BAL 003 1 to address: Project 2017-01 Modifications to BAL-003-1.1 Inconsistencies in calculation of IFROs due to interconnection Frequency Response performance changes of Point C and/or Value B; Eastern Interconnection Resource Contingency Protection Criteria; Frequency nadir point limitations (currently limited to t0 to t+12), Clarification of language in Attachment A, i.e. related to Frequency Response Reserve Sharing Groups (FRSG) and the timeline for Frequency Response and Frequency Bias Setting activities; BAL 003 1 FRS Forms enhancements that include, but may not be limited to, the ability to collect and submit FRSG performance data. Status: SAR teams being formed Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 30 15

Project 2017-04 Periodic Review of INT Standards The purpose of this project is to conduct a periodic review of a subset of the Interchange (INT) Reliability Standards: INT 004 3.1; INT 006 4; INT 009 2.1; and INT 010 2.1. Provide a comprehensive review that results in a recommendation that the Reliability Standard should be: Reaffirmed; Revised; or Withdrawn. 31 Project 2017-04 Periodic Review of INT Standards First public meeting was conducted August 23 24, 2017 at NERC offices in Atlanta, GA Second public meeting will be conducted September 26 27, 2017 at Xcel Energy in Golden, CO Contact Laura Anderson, Standards Developer Email: laura.anderson@nerc.net Telephone: 404 446 9671 32 16

Project 2017-05 NUC-001-3 Periodic Review Purpose Conduct a periodic review of one Nuclear Plant Interface Coordination (NUC) Reliability Standard NUC 001 3 Provide a comprehensive review that results in a recommendation that the Reliability Standard should be: o Reaffirmed; o Revised; or o Withdrawn. 33 Project 2017-05 NUC-001-3 Periodic Review First public meeting was conducted September 12 13, 2017 at NERC offices in Washington, DC Conference call scheduled for October 17 to continue working on initial recommendations Contact Mat Bunch, Standards Developer Email: mat.bunch@nerc.net Telephone: 404 446 9785 34 17

Project 2017-06 Modifications to BAL-002-2 Purpose: Address FERC directives to modify BAL 002 2, Requirement R1, to require Balancing Authorities and Reserve Sharing Groups: To notify the reliability coordinator of the conditions set forth in Requirement R1, Part 1.3.1 preventing it from complying with the 15 minute ACE recovery period; and To provide the reliability coordinator with its ACE recovery plan, including a target recovery time Status: SAR teams being formed Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 35 Project 2017-07 Standards Alignment with Registration Aligns standards with retirement of Purchasing Selling Entity (PSE), Interchange Authority (IA), and Load Serving Entity (LSE) functions. Includes three categories: Modifications to existing standards where the removal of the retired function may need replacement by another function o Reliability Standard MOD 032 1 specifies certain data from LSEs that may need to be provided by other functional entities going forward Modifications where the applicable entity and references may be removed: o Standards are redlined and posted for industry comment and ballot o Edits to remove deregistered functional entities and their applicable requirements/references PRC 005 will be updated to replace DP with Underfrequency Load Shedding (UFLS) DP Addressing alignment through the periodic review process: o INT 004 and NUC 001 36 18

Project 2017-07 Standards Alignment with Registration SAR Drafting Team Recommendation to be presented to the Standards Committee (SC) at its October 2017 meeting SAR for Standards Alignment with Registration posted for comment 08/01/2017 08/30/2017 SAR for MOD 032 1 posted for comment 08/01/2017 08/30/2017 Contact Laura Anderson, Standards Developer Email: laura.anderson@nerc.net Telephone: 404 446 9671 37 Project 2017-02 Modifications to Personnel Performance, Training, and Qualifications Purpose: Make modifications to the PER standards based on the Project 2016 EPR 01 PER team recommendations: PER 003 1 requires a clarifying footnote to 1) understand connection between the Standard and Program Manual and 2) certifications references under PER 003 1 are from NERC System Operator Certification program; and Retire PER 004 2 Status: Meeting to finalize SAR at the end of September Developer contact information: Darrel Richardson, darrel.richardson@nerc.net 38 19

39 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback