NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION


NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION
NARUC Energy Regulatory Partnership Program
The Public Services Regulatory Commission of Armenia and The Iowa Utilities Board
Janet Amick, Senior Utility Analyst, Iowa Utilities Board
November 10, 2010

OVERVIEW OF NERC
The North American Electric Reliability Corporation's (NERC) mission is to ensure the reliability of the North American bulk power system.
- Reliability - A reliable bulk power system is able to meet the electricity needs of end-use customers even when unexpected equipment failures or other factors reduce the amount of available electricity.
- Bulk Power System - NERC defines the bulk power system as electric power generation facilities combined with the high-voltage transmission system.

NERC HISTORY
- A voluntary organization of operating personnel in US and Canada.
- 1980s began addressing both reliability and planning.
- Electric utility industry's primary point of contact with US government for national security and critical infrastructure protection issues.

NERC ACTIVITIES
- Work with industry to develop reliability standards.
- Assess future bulk power system reliability forecasts.
- Analyze system events.
- Monitor status of bulk power system.
- Coordinate physical and cyber security needs.
- Train, educate and certify system operators.
- Enforce compliance with reliability standards, including assessing monetary and non-monetary penalties.

IMPLEMENTATION OF EPACT 2005
- August 2005: Energy Policy Act of 2005 is enacted, authorizing the creation of an Electric Reliability Organization (ERO) to develop mandatory and enforceable reliability standards.
- April 2006: NERC files application with FERC to become ERO in US. NERC files with FERC 102 reliability standards.
- July 2006: FERC certifies NERC as the ERO for the US.
- March 2007: FERC approves 83 NERC Reliability Standards. Standards are legally enforceable for US bulk power system, effective June 4, 2007.
- April 2007: FERC approves eight delegation agreements. NERC will delegate authority to monitor and enforce compliance to eight Regional Entities. NERC will continue in oversight role.
- June 2008: NERC files first violation notices.

- FRCC - Florida Reliability Coordinating Council
- MRO - Midwest Reliability Organization
- NPCC - Northeast Power Coordinating Council
- RFC - Reliability First Corporation
- SERC - SERC Reliability Corporation
- SPP - Southwest Power Pool, RE
- TRE - Texas Regional Entity
- WECC - Western Electricity Coordinating Council

NERC REGISTERED ENTITIES
- All bulk power system owners, operators, and users are required to register with NERC and comply with NERC Reliability Standards.
- Categories of registration type are based on the entity's functional type.

NERC AND FERC

NERC ROLE
- Must comply with FERC directives.
- Sole entity to draft Reliability Standards.
- Investigates violations and files with FERC Notice of Penalty.

FERC ROLE
- Cannot dictate specific content of Reliability Standards.
- Reviews and approves Reliability Standards.
- May or may not act on Notice of Penalty.

NERC STANDARDS
- Define the reliability requirements for planning and operating the North American bulk power system.
- Standards are developed by industry using a balanced, open, and inclusive process managed by NERC Standards Committee.
- The NERC reliability standards are classified within 14 specific categories. Each category contains multiple standards and each standard consists of multiple requirements.
- Proposed standards are submitted to FERC. Once approved by FERC, standards are mandatory and enforceable.

CRITICAL INFRASTRUCTURE PROTECTION (CIP)

Standard: Summary
- CIP-002-1: Requires a responsible entity to identify critical assets and critical cyber assets using a risk-based assessment methodology.
- CIP-003-1: Requires a responsible entity to develop and implement security management controls to protect identified critical cyber assets.
- CIP-004-1: Requires personnel with access to critical cyber assets to have identity verification and a criminal check. Also requires employee training.
- CIP-005-1: Requires the identification and protection of an electronic security perimeter and access points.
- CIP-006-1: Requires a responsible entity to create and maintain a physical security plan that ensures that all cyber assets within an electronic security perimeter are kept in an identified physical security perimeter.
- CIP-007-1: Requires a responsible entity to define methods, processes, and procedures for securing the systems identified as critical cyber assets, as well as the non-critical cyber assets within an electronic security perimeter.
- CIP-008-1: Requires a responsible entity to identify, classify, respond to, and report cyber security incidents related to critical cyber assets.
- CIP-009-1: Requires the establishment of recovery plans for critical cyber assets using established business continuity and disaster recovery techniques and practices.

NERC TODAY
- Currently 95 Reliability Standards.
- 1,800 Registered Entities, including entities in Canada.
- Over 500 Notices of Penalty have been issued.
- Range of penalties assessed from $0 to $250,000.
- Ongoing review of standards and development of new standards.

QUESTIONS?
Janet Amick
Iowa Utilities Board
janet.amick@iowa.gov